English

Triggering and Detecting Exploitable Library Vulnerability from the Client by Directed Greybox Fuzzing

Cryptography and Security 2026-04-07 v1 Software Engineering

Abstract

Developers utilize third-party libraries to improve productivity, which also introduces potential security risks. Existing approaches generate tests for public functions to trigger library vulnerabilities from client programs, yet they depend on proof-of-concepts (PoCs), which are often unavailable. In this paper, we propose a new approach, LiveFuzz, based on directed greybox fuzzing (DGF) to detect the exploitability of library vulnerabilities from client programs without PoCs. LiveFuzz exploits a target tuple to extend existing DGF techniques to cross-program scenarios. Based on the target tuple, LiveFuzz introduces a novel Abstract Path Mapping mechanism to project execution paths, mitigating the preference for shorter paths. LiveFuzz also proposes a risk-based adaptive mutation to mitigate excessive mutation. To evaluate LiveFuzz, we construct a new dataset including 61 cases of library vulnerabilities exploited from client programs. Results show that LiveFuzz increases the number of target-reachable paths compared with all baselines and improves the average speed of vulnerability exposure. Three vulnerabilities are triggered exclusively by LiveFuzz.

Keywords

Cite

@article{arxiv.2604.04102,
  title  = {Triggering and Detecting Exploitable Library Vulnerability from the Client by Directed Greybox Fuzzing},
  author = {Yukai Zhao and Menghan Wu and Xing Hu and Shaohua Wang and Meng Luo and Xin Xia},
  journal= {arXiv preprint arXiv:2604.04102},
  year   = {2026}
}

Comments

12 pages

R2 v1 2026-07-01T11:54:27.447Z