From 7eb94fc86ccf0c0702bac85e59cf65f5c806ad65 Mon Sep 17 00:00:00 2001
From: Andrey Konovalov
Date: Thu, 8 Jun 2017 18:26:59 +0200
Subject: Create README.md

---
 README.md | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 2ad30f1..1f4c2da 100644
--- a/README.md
+++ b/README.md
@@ -23,6 +23,8 @@ Pull requests are welcome.
 
 [2016, MOSEC 2016: "Talk is cheap, show me the code" by Keen Lab](https://speakerdeck.com/retme7/talk-is-cheap-show-me-the-code) [slides]
 
+[2015: "Kernel Data Attack is a Realistic Security Threat"](https://www.eecis.udel.edu/~hnw/paper/kerneldata.pdf) [whitepaper]
+
 [2015: "From Collision To Exploitation: Unleashing Use-After-Free Vulnerabilities in Linux Kernel"](https://loccs.sjtu.edu.cn/~romangol/download/papers/gossip_ccs2015.pdf) [whitepaper]
 
 [2015: "Linux Kernel Exploitation" by Patrick Biernat](http://security.cs.rpi.edu/courses/binexp-spring2015/lectures/23/13_lecture.pdf) [slides]
@@ -68,6 +70,8 @@ Pull requests are welcome.
 
 ### Information leak
 
+[2017: "The Infoleak that (Mostly) Wasn't" by Brad Spengler](https://grsecurity.net/the_infoleak_that_mostly_wasnt.php) [article, CVE-2017-7616]
+
 [2016: "Exploiting a Linux Kernel Infoleak to bypass Linux kASLR"](https://marcograss.github.io/security/linux/2016/01/24/exploiting-infoleak-linux-kaslr-bypass.html) [article]
 
 [2010: "Linux Kernel pktcdvd Memory Disclosure" by Jon Oberheide](https://jon.oberheide.org/blog/2010/10/23/linux-kernel-pktcdvd-memory-disclosure/) [article, CVE-2010-3437]
@@ -79,6 +83,12 @@ Pull requests are welcome.
 
 ### LPE
 
+[2017: "Dirty COW and why lying is bad even if you are the Linux kernel"](https://chao-tic.github.io/blog/2017/05/24/dirty-cow) [article, CVE-2016-5195]
+
+[2017: "NDAY-2017-0103: Arbitrary kernel write in sys_oabi_epoll_wait" by Zuk Avraham](https://blog.zimperium.com/nday-2017-0103-arbitrary-kernel-write-in-sys_oabi_epoll_wait/) [article, CVE-2016-3857]
+
+[2017: "NDAY-2017-0106: Elevation of Privilege in NVIDIA nvhost-vic driver" by Zuk Avraham](https://blog.zimperium.com/nday-2017-0106-elevation-of-privilege-in-nvidia-nvhost-vic-driver/) [article, CVE-2016-2434]
+
 [2017: "PWN2OWN 2017 Linux kernel privilege escalation analysis"](https://zhuanlan.zhihu.com/p/26674557) [article, CVE-2017-7184]
 
 [2017: "Exploiting the Linux kernel via packet sockets" by Andrey Konovalov](https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html) [article, CVE-2017-7308]
@@ -103,9 +113,11 @@ Pull requests are welcome.
 
 [2016, Project Zero: "Exploiting Recursion in the Linux Kernel" by Jann Horn](https://googleprojectzero.blogspot.de/2016/06/exploiting-recursion-in-linux-kernel_20.html) [article, CVE-2016-1583]
 
-[2016: "ANALYSIS AND EXPLOITATION OF A LINUX KERNEL VULNERABILITY (CVE-2016-0728)" By Perception Point Research Team](http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/) [article, CVE-2016-072]
+[2016: "ANALYSIS AND EXPLOITATION OF A LINUX KERNEL VULNERABILITY (CVE-2016-0728)" By Perception Point Research Team](http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/) [article, CVE-2016-0728]
 
-[2016: "CVE20160728 Exploit Code Explained" by Shilong Zhao](http://dreamhack.it/linux/2016/01/25/cve-2016-0728-exploit-code-explained.html) [article, CVE-2016-072]
+[2016: "CVE20160728 Exploit Code Explained" by Shilong Zhao](http://dreamhack.it/linux/2016/01/25/cve-2016-0728-exploit-code-explained.html) [article, CVE-2016-0728]
+
+[2016: "CVE-2016-0728 vs Android" by Collin Mulliner](https://www.mulliner.org/blog/blosxom.cgi/security/CVE-2016-0728_vs_android.writeback?advanced_search=1) [article, CVE-2016-0728]
 
 [2016: "Notes about CVE-2016-7117" by Lizzie Dixon](https://blog.lizzie.io/notes-about-cve-2016-7117.html) [article, CVE-2016-7117]
 
@@ -232,6 +244,8 @@ Pull requests are welcome.
 
 ## Defensive
 
+[2017: "PT-Rand: Practical Mitigation of Data-only Attacks against Page Tables"](https://www.internetsociety.org/sites/default/files/ndss2017_05B-4_Davi_paper.pdf) [whitepaper]
+
 [2017: "KASLR is Dead: Long Live KASLR"](https://gruss.cc/files/kaiser.pdf) [whitepaper]
 
 [2017: "Honey, I shrunk the attack surface – Adventures in Android security hardening" by Nick Kralevich](https://www.youtube.com/watch?v=ITL6VHOFQj8) [video]
@@ -307,6 +321,10 @@ https://github.com/xairy/kernel-exploits
 
 https://github.com/ScottyBauer/Android_Kernel_CVE_POCs
 
+https://github.com/Kabot/Unix-Privilege-Escalation-Exploits-Pack
+
+https://github.com/SecWiki/linux-kernel-exploits
+
 
 ## Practice
 
-- 
cgit v1.3