Biography

Hey, this is Yunlong Lyu. Welcome to my page.

West wind withered trees, alone on high tower, I gazed at distant lanes.
No regrets, my belt loose, but love's enduring strain for you.
Seeking her again and again, in dim light, she resides, where lanterns wane.

Hey, I am Yunlong Lyu, currently working at Tencent Security Big Data Laboratory. I am dedicated to using AI to solve problems in the field of software and system security. I have detected and fixed nearly a hundred security vulnerabilities in well-known open-source software such as the Linux kernel. I obtained a master's degree in CyperSpace Security from the University of Science and Technology of China in 2022, under the guidance of Professor Qibin Sun. In 2019, I received a bachelor's degree in Information Security from China University of Geosciences (Wuhan). From 2020 to 2021, I interned at the G.O.S.S.I.P Software Security Research Group at Shanghai Jiao Tong University, under the guidance of Professor Juanru Li.

Research Interests

  • Software Bug Detection
  • Fuzzing Harness Generation
  • Binary Similarity Detection

昨夜西风凋碧树,独上高楼,望尽天涯路。
衣带渐宽终不悔,为伊消得人憔悴。
众里寻他千百度,蓦然回首,那人却在,灯火阑珊处。

Hey,我是吕云龙,目前在腾讯安全大数据实验室工作,致力于用AI来解决软件安全和系统安全领域中的问题,曾在知名开源软件(如Linux kernel)上检测并修复近百个安全缺陷。 我于2022年在中国科学技术大学获得了网络空间安全专业的硕士学位,指导老师为孙启彬教授, 并于2019年在中国地质大学(武汉)获得信息安全专业的学士学位。 在2020年至2021年,我曾在上海交通大学 G.O.S.S.I.P 软件安全研究组实习,指导老师为李卷孺

研究兴趣

  • 软件安全缺陷检测
  • 模糊测试用例生成
  • 二进制代码相似性检测

Publiciations

🏆Trophy

ID Project Bug ID Bug Type Method
1 Linux kernel 3093ee182f use-after-free Goshawk
2 Linux kernel 2bb817712e double-free Goshawk
3 Linux kernel db74623a38 use-after-free Goshawk
4 Linux kernel ea45b6008f double-free Goshawk
5 Linux kernel 63415767a2 use-after-free Goshawk
6 Linux kernel 6e5a03bcba use-after-free Goshawk
7 Linux kernel 8392df5d7e use-after-free Goshawk
8 Linux kernel f7cae626ca double-free Goshawk
9 Linux kernel b25b343db0 double-free Goshawk
10 Linux kernel a8e083ee8e double-free Goshawk
11 Linux kernel 076de75de1 double-free Goshawk
12 Linux kernel 6bf24dc0cc double-free Goshawk
13 Linux kernel 6d72e7c767 use-after-free Goshawk
14 Linux kernel 643001b47a use-after-free Goshawk
15 Linux kernel 7525858679 double-free Goshawk
16 Linux kernel 37df9f3fed double-free Goshawk
17 Linux kernel 1b479fb801 double-free Goshawk
18 Linux kernel 9ceee7d084 use-after-free Goshawk
19 Linux kernel bdc2ab5c61 use-after-free Goshawk
20 Linux kernel adb76a520d use-after-free Goshawk
21 Linux kernel c8c165dea4 use-after-free Goshawk
22 Linux kernel abec6561fc use-after-free Goshawk
23 Linux kernel 1c98f57440 use-after-free Goshawk
24 Linux kernel 34b39efa5a double-free Goshawk
25 Linux kernel 72ce11ddfa double-free Goshawk
26-27 Linux kernel 4fb44dd2c1 use-after-free Goshawk
28 Linux kernel 52762efa2b use-after-free Goshawk
29 Linux kernel 9272e5d002 double-free Goshawk
30 Linux kernel ea995218dd double-free Goshawk
31-32 Linux kernel 7272b591c4 use-after-free Goshawk
33 Linux kernel 115726c5d3 double-free Goshawk
34 Linux kernel 01fe904c9a use-after-free Goshawk
35 Linux kernel 1404497 double-free Goshawk
36-40 Linux kernel aadb22ba2f6 use-after-free Goshawk
41 Linux kernel f973795a double-free Goshawk
42 Linux kernel 7b0ddc134 use-after-free Goshawk
43 FreeBSD kernel 255859 use-after-free Goshawk
44 FreeBSD kernel 255862 double-free Goshawk
45 FreeBSD kernel 255863 use-after-free Goshawk
46 FreeBSD kernel 255864 double-free Goshawk
47-48 FreeBSD kernel 255865 use-after-free Goshawk
49 FreeBSD kernel 255866 use-after-free Goshawk
50 FreeBSD kernel 255868 use-after-free Goshawk
51 FreeBSD kernel 255869 use-after-free Goshawk
52 FreeBSD kernel 255871 use-after-free Goshawk
53 FreeBSD kernel 255872 use-after-free Goshawk
54 FreeBSD kernel 255874 double-free Goshawk
55 FreeBSD kernel 255875 double-free Goshawk
56 FreeBSD kernel 255878 double-free Goshawk
57 FreeBSD kernel 255879 double-free Goshawk
58 FreeBSD kernel 255880 double-free Goshawk
59 FreeBSD kernel 255881 use-after-free Goshawk
60 OpenSSL 14910 double-free Goshawk
61 OpenSSL 14913 double-free Goshawk
62 OpenSSL 14914 double-free Goshawk
63 OpenSSL 14915 double-free Goshawk
64-67 OpenSSL 14916 double-free Goshawk
68 OpenSSL 20278 double-free Goshawk
69 OpenSSL 20299 use-after-free Goshawk
70 Redis 8797 use-after-free Goshawk
71-75 Tencent-IoT-Explorer-SDK 10 double-free Goshawk
76-77 Tencent-IoT-Explorer-SDK 11 use-after-free Goshawk
78-80 Tencent-IoT-SDK 37 use-after-free Goshawk
81 cJSON 722 null-pointer-crash Hopper
82 cJSON 726 null-pointer-crash Hopper
83-84 c-ares 496 stack-overflow Hopper
85 libpng 453 invalid-string Hopper
86 zlib 761 SEGV Hopper
87 zlib 837 SEGV Hopper
88 zlib 840 SEGV Hopper
89 sqlite3 bbbbb66b6b SEGV Hopper
90 Little-CMS 350 SEGV Hopper
91 Little-CMS 351 SEGV Hopper
92 Little-CMS 353 SEGV Hopper
93 Little-CMS 354 SEGV Hopper
94 Little-CMS 355 SEGV Hopper
95-96 Libpcap 1147 SEGV Hopper
97-101 Python cef5438cc896 null-pointer-dereference SparrowHawk
102 Vim b9616af23f31 double-free SparrowHawk
103-104 GnuTLS Reported via mails null-pointer-dereference SparrowHawk
105 GnuTLS Reported via mails double-free SparrowHawk
106-117 OpenHarmony (third-party) by mails null-pointer-dereference SparrowHawk
118 Libaom 3489 SEGV PromptFuzz
119 Libaom 3509 Uninitialized memory PromptFuzz
120 Libaom 3510 Integer overflow PromptFuzz
121 Libaom 3534 SEGV PromptFuzz
122 LibVpx 1817 SEGV PromptFuzz
123 LibVpx 1827 Buffer overflow PromptFuzz
124 LibVpx 1828 Integer overflow PromptFuzz
125 LibVpx 1831 Integer overflow PromptFuzz
126 LibVpx 1837 SEGV PromptFuzz
127 LibTIFF CVE-2023-6277

(CVSS 6.5)

OOM PromptFuzz
128 LibTIFF 619 OOM PromptFuzz
129-130 LibTIFF 620 OOM PromptFuzz
131 LibTIFF CVE-2023-52355

(CVSS 7.5 HIGH!)

OOM PromptFuzz
132 LibTIFF CVE-2023-52356

(CVSS 7.5 HIGH!)

SEGV PromptFuzz
133 Sqlite3 e77a5c3445 null-pointer-crash PromptFuzz
134 Sqlite3 9ce835fe96 null-pointer-crash PromptFuzz
135 Sqlite3 5e3fc453a6 null-pointer-crash PromptFuzz
136-137 c-ares d62627e8b3 Memory leak PromptFuzz
138 Libjpeg-turbo 735 OOM PromptFuzz
139 Libjpeg-turbo 05652673 OOM PromptFuzz
140 libpcap 1233 File leak PromptFuzz
141 libpcap 1239 null-pointer-crash PromptFuzz
142 cJSON 807 null-pointer-crash PromptFuzz
143 curl 12775 Abort PromptFuzz