google · Jan 12, 2025
diff --git a/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/assets/CVE-2023-6560_mitigation_1.png
222 KB b/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/assets/CVE-2023-6560_mitigation_1.png
222 KB
diff --git a/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/assets/CVE-2023-6560_mitigation_2.png
151 KB b/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/assets/CVE-2023-6560_mitigation_2.png
151 KB
diff --git a/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/assets/CVE-2023-6560_mitigation_3.png
321 KB b/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/assets/CVE-2023-6560_mitigation_3.png
321 KB
diff --git a/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/assets/CVE-2023-6560_mitigation_4.png
131 KB b/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/assets/CVE-2023-6560_mitigation_4.png
131 KB
diff --git a/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/assets/CVE-2023-6560_mitigation_5.png
52.1 KB b/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/assets/CVE-2023-6560_mitigation_5.png
52.1 KB
diff --git a/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/assets/CVE-2023-6560_mitigation_6.png
26.2 KB b/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/assets/CVE-2023-6560_mitigation_6.png
26.2 KB
diff --git a/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/exploit.md
+690 b/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/exploit.md
+690
diff --git a/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/exploit/Makefile
+7 b/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/exploit/Makefile
+7
diff --git a/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/exploit/exploit
851 KB b/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/exploit/exploit
851 KB
diff --git a/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/exploit/exploit.c
+416 b/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/exploit/exploit.c
+416
diff --git a/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/metadata.json
+33 b/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/metadata.json
+33
diff --git a/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/original.tar.gz
371 KB b/‎pocs/linux/kernelctf/CVE-2023-6560_mitigation/original.tar.gz
371 KB
@@ -0,0 +1,7 @@
+all: exploit
+
+exploit: exploit.c
+	gcc -o exploit exploit.c -static
+
+clean:
+	rm -rf exploit
@@ -0,0 +1,33 @@
+{
+    "$schema": "https://google.github.io/security-research/kernelctf/metadata.schema.v3.json",
+    "submission_ids": [
+        "exp212"
+    ],
+    "vulnerability": {
+        "patch_commit": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=820d070feb668aab5bc9413c285a1dda2a70e076",
+        "cve": "CVE-2023-6560",
+        "affected_versions": [
+            "6.6 - 6.6.5"
+        ],
+        "requirements": {
+            "attack_surface": [
+                "io_uring"
+            ],
+            "capabilities": [
+            ],
+            "kernel_config": [
+                "CONFIG_IO_URING"
+            ]
+        }
+    },
+    "exploits": {
+        "mitigation-v4-6.6": {
+          "uses": [
+            "io_uring",
+            "userns"
+          ],
+          "requires_separate_kaslr_leak": false,
+          "stability_notes": "10 times success per 10 times run"
+      }
+    }
+}