January/February updates

1 files changed, 30 insertions, 2 deletions

diff --git a/README.md b/README.md
index 84da56f..ce1fb3d 100644
--- a/README.md
+++ b/README.md
@@ -52,6 +52,14 @@ See [xairy.io/trainings/](https://xairy.io/trainings/).
 
 ### Exploitation
 
+[2024: "K-LEAK: Towards Automating the Generation of Multi-Step Infoleak Exploits against the Linux Kernel"](https://www.ndss-symposium.org/wp-content/uploads/2024-935-paper.pdf) [paper]
+
+[2024: "Beyond Control: Exploring Novel File System Objects for Data-Only Attacks on Linux Systems"](https://arxiv.org/pdf/2401.17618.pdf) [paper]
+
+[2023: "No Tux Given: Diving Into Contemporary Linux Kernel Exploitation" by sam4k](https://sam4k.com/content/files/2024/01/no_tux_given.pdf) [slides]
+
+[2023: "Linux Kernel Exploitation series" by santaclz](https://santaclz.github.io/2023/11/03/Linux-Kernel-Exploitation-Getting-started-and-BOF.html) [article] [[part2](https://santaclz.github.io/2024/01/20/Linux-Kernel-Exploitation-Heap-techniques.html)] [[part 3](https://santaclz.github.io/2024/01/29/Linux-Kernel-Exploitation-exploiting-race-condition-and-UAF.html)]
+
 [2023: "RetSpill: Igniting User-Controlled Data to Burn Away Linux Kernel Protections"](https://kylebot.net/papers/retspill.pdf) [paper]
 
 [2023: "Understanding Dirty Pagetable - m0leCon Finals 2023 CTF Writeup"](https://ptr-yudai.hatenablog.com/entry/2023/12/08/093606) [article]
@@ -384,7 +392,9 @@ See [xairy.io/trainings/](https://xairy.io/trainings/).
 
 ### LPE
 
-[2023: "Conquering the memory through io_uring - Analysis of CVE-2023-2598"](https://anatomic.rip/cve-2023-2598/) [article] [CVE-2023-2598]
+[2023: "Linux Kernel GSM Multiplexing Race Condition Local Privilege Escalation Vulnerability (CVE-2023-6546)" by Nassim Asrir](https://github.com/Nassim-Asrir/ZDI-24-020/) [CVE-2023-6546]
+
+[2023: "Conquering the memory through io_uring - Analysis of CVE-2023-2598"](https://anatomic.rip/cve-2023-2598/) [article] [[exploit](https://github.com/ysanatomic/io_uring_LPE-CVE-2023-2598)] [CVE-2023-2598]
 
 [2023: "Conquering a Use-After-Free in nf_tables: Detailed Analysis and Exploitation of CVE-2022-32250" by Yordan Stoychev](https://anatomic.rip/cve-2022-32250/) [article] [CVE-2022-32250]
 
@@ -846,6 +856,10 @@ See [xairy.io/trainings/](https://xairy.io/trainings/).
 
 ### Other
 
+[2024: "PowerVR GPU - GPU Firmware may overwrite arbitrary kernel pages by RGXCreateFreeList"](https://bugs.chromium.org/p/apvi/issues/detail?id=140) [report]
+
+[2024: "PowerVR GPU - UAF race conditon by DevmemIntPFNotify and DevmemIntCtxRelease"](https://bugs.chromium.org/p/apvi/issues/detail?id=141) [report]
+
 [2023: "Ubuntu Shiftfs: Unbalanced Unlock Exploitation Attempt" by Jean-Baptiste Cayrou](https://www.synacktiv.com/sites/default/files/2023-11/ubuntu_shiftfs.pdf) [slides] [CVE-2023-2612]
 
 [2023: "Attacking NPUs of Multiple Platforms"](https://i.blackhat.com/EU-23/Presentations/EU-23-Zhang-Attacking-NPUs-of-Multiple-Platforms.pdf) [slides] [CVE-2022-22265] [CVE-2020-28343] [SVE-2021-20204] [CVE-2023-42483] [CVE-2023-45864]
@@ -919,6 +933,12 @@ See [xairy.io/trainings/](https://xairy.io/trainings/).
 
 ## Finding Bugs
 
+[2024: "SyzBridge: Bridging the Gap in Exploitability Assessment of Linux Kernel Bugs in the Linux Ecosystem"](https://zhyfeng.github.io/files/2024-NDSS-SyzBridge.pdf) [paper]
+
+[2024: "SyzRetrospector: A Large-Scale Retrospective Study of Syzbot"](https://arxiv.org/pdf/2401.11642.pdf) [paper]
+
+[2023: "KernelGPT: Enhanced Kernel Fuzzing via Large Language Models"](https://arxiv.org/pdf/2401.00563.pdf) [paper]
+
 [2023: "SyzDirect: Directed Greybox Fuzzing for Linux Kernel"](https://yuanxzhang.github.io/paper/syzdirect-ccs23.pdf) [paper]
 
 [2023: "Using ASAN and KASAN and then Interpreting their shadow memory reports" by Kaiwan N Billimoria](https://kernelmeetup.files.wordpress.com/2023/11/lt_1_using_asan_and_kasan_and_then_interpreting_their_shadow_memory_repo.pdf) [article]
@@ -1571,6 +1591,8 @@ https://github.com/heki-linux
 
 https://github.com/oswalpalash/linux-kernel-regression-tests
 
+https://github.com/google/security-research/blob/master/analysis/kernel/heap-exploitation/README.md [CodeQL] [[dashboard](https://lookerstudio.google.com/reporting/68b02863-4f5c-4d85-b3c1-992af89c855c/page/n92nD)]
+
 
 ## Practice
 
@@ -1580,7 +1602,7 @@ https://github.com/oswalpalash/linux-kernel-regression-tests
 
 [2020: "pwn.college: Module: Kernel Security"](https://pwn.college/modules/kernel) [workshop]
 
-[2020: "Android Kernel Exploitation" by Ashfaq Ansari](https://github.com/cloudfuzz/android-kernel-exploitation) [workshop]
+[2020: "Android Kernel Exploitation" by Ashfaq Ansari](https://github.com/cloudfuzz/android-kernel-exploitation) [workshop] [[video](https://www.youtube.com/watch?v=8ySHpVCYcbk)]
 
 
 ### CTF Tasks
@@ -1772,6 +1794,10 @@ https://github.com/0xor0ne/awesome-list/
 
 ## Misc
 
+[2024: "Linux is a CNA" by Greg Kroah-Hartman](http://www.kroah.com/log/blog/2024/02/13/linux-is-a-cna/) [article]
+
+[2024: "An Investigation of Patch Porting Practices of the Linux Kernel Ecosystem"](https://arxiv.org/pdf/2402.05212.pdf) [paper]
+
 [2023: "Syzbot: 7 years of continuous kernel fuzzing" by Aleksandr Nogikh](https://lpc.events/event/17/contributions/1521/attachments/1272/2698/LPC'23_%20Syzbot_%207%20years%20of%20continuous%20kernel%20fuzzing.pdf) [slides] [[video](https://www.youtube.com/watch?v=sDMNEBoTtrI)]
 
 [2023: "Operating system security: how to get into the subject" by Alexander Popov](https://www.youtube.com/watch?v=pq-0JKKNZVQ) [video]
@@ -1808,6 +1834,8 @@ https://github.com/0xor0ne/awesome-list/
 
 [grsecurity CVE-Dataset](https://docs.google.com/spreadsheets/u/0/d/1JO43UfT7Vjun9ytSWNdI17xmnzZMg19Tii-rKw94Rvw/htmlview#gid=0) [spreadsheet]
 
+[Syzkaller Coverage Dashboard](https://lookerstudio.google.com/reporting/41ae4a20-9826-4f7f-be14-a934a04686fe/page/4EOpD)
+
 https://github.com/nccgroup/exploit_mitigations
 
 https://github.com/bsauce/kernel-security-learning