In this paper, we propose SYSTEM, a novel fuzzer that uses a symbolic virtual machine (SVM) to generate input programs.
We used SYSTEM to search for bugs in binutils version 2.34, and we found 50 new bugs. The search ran for 24 hours on a system with an EPYC 7003 CPU and 1 TB of memory. We found 8 high severity vulnerabilities: CVE-2020-2736, CVE-2020-2737, CVE-2020-25758, CVE-2020-25759, CVE-2020-25757, CVE-2020-25756, CVE-2020-25760 and CVE-2020-25754.
We also used SYSTEM to search for bugs in parser generators and programming languages, and found 4 new vulnerabilities in the Racc Ruby parser generator.
Finally, we used SYSTEM to search for bugs in three Linux distributions: Arch Linux, Fedora and Debian. We found 31 bugs in a one-week search; 14 of these bugs are of medium or high severity.