Fuzzing operating system kernels to discover deep and complex bugs is difficult to accomplish, as kernels reside between hardware and user applications, exposing a variety of input vectors that affect their internal state. Previous approaches mainly use a kernel’s system call interface to deliver test payloads into the kernel, but reaching states and triggering bugs also require collaborative efforts from other input vectors, such as runtime parameters. Kernel runtime parameters greatly affect the execution behavior of the kernel under test, as they alter internal execution flows and thus require kernel fuzzers to manipulate them in conjunction with invoking system calls to effectively root out bugs. In this paper, we present CSGO, a kernel fuzzer that discovers more in-depth bugs through fuzzing kernel runtime parameters in conjunction with system calls. CSGO’s approach is achieved through the following designs. First, CSGO generates valid test case generation syntax for kernel configurations by extracting available parameters exposed by the kernel. Then, for the extracted parameters, CSGO statically deduces relations between the configurations and kernel system calls for initial generation guidance. Finally, during fuzzing, CSGO dynamically refines the relations between the configurations and system calls by interpreting execution feedback. We implemented CSGO and evaluated its approach on recent versions of the Linux kernel. Our results show that CSGO achieves an average of 21% improvement in overall coverage compared with existing state-of-the-art kernel fuzzers and triggers 21 previously unknown bugs, with 8 fixed by kernel maintainers.