diff options
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 16 |
1 files changed, 8 insertions, 8 deletions
| @@ -58,14 +58,14 @@ Pull requests are welcome. | |||
| 58 | 58 | ||
| 59 | [2015: "Linux Kernel Exploitation" by Patrick Biernat](http://security.cs.rpi.edu/courses/binexp-spring2015/lectures/23/13_lecture.pdf) [slides] | 59 | [2015: "Linux Kernel Exploitation" by Patrick Biernat](http://security.cs.rpi.edu/courses/binexp-spring2015/lectures/23/13_lecture.pdf) [slides] |
| 60 | 60 | ||
| 61 | [2014: "Writing kernel exploits" by Keegan McAllister](https://tc.gtisc.gatech.edu/bss/2014/r/kernel-exploits.pdf) [slides] | ||
| 62 | |||
| 63 | [2013: "Kernel stack overflows (basics)" by Essa Alkuwari](https://blog.0x80.org/kernel-stack-overflows-basics/) [article] | 61 | [2013: "Kernel stack overflows (basics)" by Essa Alkuwari](https://blog.0x80.org/kernel-stack-overflows-basics/) [article] |
| 64 | 62 | ||
| 65 | [2013, Black Hat USA: "Hacking like in the Movies: Visualizing Page Tables for Local Exploitation"](https://www.youtube.com/watch?v=Of6DemoMLaA) | 63 | [2013, Black Hat USA: "Hacking like in the Movies: Visualizing Page Tables for Local Exploitation"](https://www.youtube.com/watch?v=Of6DemoMLaA) |
| 66 | 64 | ||
| 67 | [2013: "Exploiting linux kernel heap corruptions" by Mohamed Channam](http://resources.infosecinstitute.com/exploiting-linux-kernel-heap-corruptions-slub-allocator/) [article] | 65 | [2013: "Exploiting linux kernel heap corruptions" by Mohamed Channam](http://resources.infosecinstitute.com/exploiting-linux-kernel-heap-corruptions-slub-allocator/) [article] |
| 68 | 66 | ||
| 67 | [2012: "Writing kernel exploits" by Keegan McAllister](https://tc.gtisc.gatech.edu/bss/2014/r/kernel-exploits.pdf) [slides] | ||
| 68 | |||
| 69 | [2012: "Understanding Linux Kernel Vulnerabilities" by Richard Carback](https://www.csee.umbc.edu/courses/undergraduate/421/Spring12/02/slides/ULKV.pdf) [slides] | 69 | [2012: "Understanding Linux Kernel Vulnerabilities" by Richard Carback](https://www.csee.umbc.edu/courses/undergraduate/421/Spring12/02/slides/ULKV.pdf) [slides] |
| 70 | 70 | ||
| 71 | [2012: "A Heap of Trouble: Breaking the Linux Kernel SLOB Allocator" by Dan Rosenberg](https://www.vsecurity.com//download/papers/slob-exploitation.pdf) [whitepaper] | 71 | [2012: "A Heap of Trouble: Breaking the Linux Kernel SLOB Allocator" by Dan Rosenberg](https://www.vsecurity.com//download/papers/slob-exploitation.pdf) [whitepaper] |
| @@ -134,6 +134,10 @@ Pull requests are welcome. | |||
| 134 | 134 | ||
| 135 | [2017: "Race For Root: The Analysis Of The Linux Kernel Race Condition Exploit" by Alexander Popov](https://program.sha2017.org/system/event_attachments/attachments/000/000/111/original/a13xp0p0v_race_for_root_SHA2017.pdf) [slides, CVE-2017-2636] | 135 | [2017: "Race For Root: The Analysis Of The Linux Kernel Race Condition Exploit" by Alexander Popov](https://program.sha2017.org/system/event_attachments/attachments/000/000/111/original/a13xp0p0v_race_for_root_SHA2017.pdf) [slides, CVE-2017-2636] |
| 136 | 136 | ||
| 137 | [2017: "CVE-2017-2636: exploit the race condition in the n_hdlc Linux kernel driver bypassing SMEP" by Alexander Popov](https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html) [article, CVE-2017-2636] | ||
| 138 | |||
| 139 | [2017: "CVE-2017-2636: local privilege escalation flaw in n_hdlc" by Alexander Popov](http://seclists.org/oss-sec/2017/q1/569) [announcement, CVE-2017-2636] | ||
| 140 | |||
| 137 | [2017: "Dirty COW and why lying is bad even if you are the Linux kernel"](https://chao-tic.github.io/blog/2017/05/24/dirty-cow) [article, CVE-2016-5195] | 141 | [2017: "Dirty COW and why lying is bad even if you are the Linux kernel"](https://chao-tic.github.io/blog/2017/05/24/dirty-cow) [article, CVE-2016-5195] |
| 138 | 142 | ||
| 139 | [2017: "NDAY-2017-0103: Arbitrary kernel write in sys_oabi_epoll_wait" by Zuk Avraham](https://blog.zimperium.com/nday-2017-0103-arbitrary-kernel-write-in-sys_oabi_epoll_wait/) [article, CVE-2016-3857] | 143 | [2017: "NDAY-2017-0103: Arbitrary kernel write in sys_oabi_epoll_wait" by Zuk Avraham](https://blog.zimperium.com/nday-2017-0103-arbitrary-kernel-write-in-sys_oabi_epoll_wait/) [article, CVE-2016-3857] |
| @@ -148,10 +152,6 @@ Pull requests are welcome. | |||
| 148 | 152 | ||
| 149 | [2017: "NDAY-2017-0102: Elevation of Privilege Vulnerability in NVIDIA Video Driver" by Zuk Avraham](https://blog.zimperium.com/nday-2017-0102-elevation-of-privilege-vulnerability-in-nvidia-video-driver/) [article, CVE-2016-2435] | 153 | [2017: "NDAY-2017-0102: Elevation of Privilege Vulnerability in NVIDIA Video Driver" by Zuk Avraham](https://blog.zimperium.com/nday-2017-0102-elevation-of-privilege-vulnerability-in-nvidia-video-driver/) [article, CVE-2016-2435] |
| 150 | 154 | ||
| 151 | [2017: "CVE-2017-2636: exploit the race condition in the n_hdlc Linux kernel driver bypassing SMEP" by Alexander Popov](https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html) [article, CVE-2017-2636] | ||
| 152 | |||
| 153 | [2017: "CVE-2017-2636: local privilege escalation flaw in n_hdlc" by Alexander Popov](http://seclists.org/oss-sec/2017/q1/569) [announcement, CVE-2017-2636] | ||
| 154 | |||
| 155 | [2017: "CVE-2017-6074: DCCP double-free vulnerability (local root)" by Andrey Konovalov](http://seclists.org/oss-sec/2017/q1/471) [announcement, CVE-2017-6074] | 155 | [2017: "CVE-2017-6074: DCCP double-free vulnerability (local root)" by Andrey Konovalov](http://seclists.org/oss-sec/2017/q1/471) [announcement, CVE-2017-6074] |
| 156 | 156 | ||
| 157 | [2016: "CVE-2016-8655 Linux af_packet.c race condition (local root)" by Philip Pettersson](http://seclists.org/oss-sec/2016/q4/607) [announcement, CVE-2016-8655] | 157 | [2016: "CVE-2016-8655 Linux af_packet.c race condition (local root)" by Philip Pettersson](http://seclists.org/oss-sec/2016/q4/607) [announcement, CVE-2016-8655] |
| @@ -198,9 +198,9 @@ Pull requests are welcome. | |||
| 198 | 198 | ||
| 199 | [2015, Project Zero: "Exploiting the DRAM rowhammer bug to gain kernel privileges" by Mark Seaborn and Thomas Dullien](https://googleprojectzero.blogspot.de/2015/03/exploiting-dram-rowhammer-bug-to-gain.html) [article, rowhammer] | 199 | [2015, Project Zero: "Exploiting the DRAM rowhammer bug to gain kernel privileges" by Mark Seaborn and Thomas Dullien](https://googleprojectzero.blogspot.de/2015/03/exploiting-dram-rowhammer-bug-to-gain.html) [article, rowhammer] |
| 200 | 200 | ||
| 201 | [2014: "Exploiting CVE-2014-0196 a walk-through of the Linux pty race condition PoC" by Samuel Gross](http://blog.includesecurity.com/2014/06/exploit-walkthrough-cve-2014-0196-pty-kernel-race-condition.html) [article, CVE-2014-0196] | 201 | [2015: "CVE-2014-4943 - PPPoL2TP DoS Analysis" by Vitaly Nikolenko](https://cyseclabs.com/page?n=01102015) [article, CVE-2014-4943] |
| 202 | 202 | ||
| 203 | [2014: "CVE-2014-4943 - PPPoL2TP DoS Analysis" by Vitaly Nikolenko](https://cyseclabs.com/page?n=01102015) [article, CVE-2014-4943] | 203 | [2014: "Exploiting CVE-2014-0196 a walk-through of the Linux pty race condition PoC" by Samuel Gross](http://blog.includesecurity.com/2014/06/exploit-walkthrough-cve-2014-0196-pty-kernel-race-condition.html) [article, CVE-2014-0196] |
| 204 | 204 | ||
| 205 | [2014: "CVE-2014-4014: Linux Kernel Local Privilege Escalation "exploitation"" by Vitaly Nikolenko](https://cyseclabs.com/blog/cve-2014-4014-local-privilege-escalation) [article, CVE-2014-4014] | 205 | [2014: "CVE-2014-4014: Linux Kernel Local Privilege Escalation "exploitation"" by Vitaly Nikolenko](https://cyseclabs.com/blog/cve-2014-4014-local-privilege-escalation) [article, CVE-2014-4014] |
| 206 | 206 | ||