A research team from Purdue University has created a tool, USBFuzz, which fuzzes calls to the USB driver stack. Apparently the tool is pretty groundbreaking. The researchers said,
“At its core, USBFuzz uses a software-emulated USB device to provide random device data to drivers (when they perform IO operations).”
The researchers tested the tool on:
- 9 recent versions of the Linux kernel: v4.14.81, v4.15,v4.16, v4.17, v4.18.19, v4.19, v4.19.1, v4.19.2, and v4.20-rc2 (the latest version at the time of evaluation)
- FreeBSD 12 (the latest release)
- MacOS 10.15 Catalina (the latest release)
- Windows (both version 8 and 10, with most recent security updates installed)
In total, they found 26 new bugs. They discovered one new bug in FreeBSD, three in MacOS (one of which froze the system), four in Windows 8 and 10 (producing BSOD), and get this, 18 in Linux. Sixteen of the Linux bugs were “memory bugs of high-security impact in various Linux subsystems”. Of the 18 Linux bugs, 11 received a CVE and have already been patched.
The team’s research results will be presented at the Usenix Security Symposium virtual security conference in August 2020. Then USBFuzz will be open-sourced and released to the public.