SaTC: CORE: Small: Collaborative: Towards Facilitating Kernel Vulnerability Reproduction by Fusing Crowd and Machine Generated Data

Project: Research project

Project Details


The Linux kernel is one of the most security-critical components in today's computer and networked systems. From enterprise data centers and nationwide infrastructures to individual users' mobile phones and IoT devices, the Linux kernel plays a central role in managing these systems. As such, kernel bugs and vulnerabilities, if not patched in a timely manner, could lead to catastrophic consequences. Due to the high complexity of the kernel software, finding all the vulnerabilities during the development phase is nearly impossible.

In recent years, crowdsourcing efforts have shown great success in discovering kernel vulnerabilities, where security professionals, hackers, and users can all contribute by submitting kernel bug reports. However, recent research (including our recent works) shows that many vulnerability reports are not reproducible. In addition, bug reports generated by automated tools (e.g., kernel fuzzers) also suffer from reproduction difficulties. Non-reproducible reports can cause significant delays to the patching process or mislead kernel vendors into incorrectly assessing the severity of the vulnerabilities.

In this project, we propose to develop a series of automated methods to facilitate kernel vulnerability reproduction. The idea is to design novel inference models that infer and construct the information needed for bug reproduction from the information provided in human-crafted and machine-generated kernel bug reports. To understand the challenges of kernel bug reproduction, we have conducted a preliminary study by collecting over 2,000 kernel bug reports from the year 2018. We find that 38% of the reports cannot be reproduced due to (1) missing information on the compilation configuration; (2) a lack of data to construct the contexts for triggering the bug; and (3) inaccurate or incomplete information about the vulnerable kernel versions.
In this project, we develop new approaches using static and dynamic program analysis to automate the process of inferring, constructing, and validating such information for kernel vulnerability reproduction.
Effective start/end date: 11/15/21 → 9/30/23


  • National Science Foundation (CNS-2221122)

