summaryrefslogtreecommitdiff
path: root/Meta/Websites
diff options
context:
space:
mode:
authorAndreas Kling <kling@serenityos.org>2021-02-14 01:32:46 +0100
committerAndreas Kling <kling@serenityos.org>2021-02-14 01:33:17 +0100
commit3551198f991908ebb07f71f460d8f61788551183 (patch)
treefd7b9827463657f5bdf7ca0a867bc82c9e2b546c /Meta/Websites
parentffdfbf1dba611b2675460954bcf80bcc20500a94 (diff)
downloadserenity-3551198f991908ebb07f71f460d8f61788551183.zip
Website: Add vakzz's exploit & writeup to the bounty page
Diffstat (limited to 'Meta/Websites')
-rw-r--r--Meta/Websites/serenityos.org/bounty/index.html1
1 files changed, 1 insertions, 0 deletions
diff --git a/Meta/Websites/serenityos.org/bounty/index.html b/Meta/Websites/serenityos.org/bounty/index.html
index c4c90fdfce..bab95c35c9 100644
--- a/Meta/Websites/serenityos.org/bounty/index.html
+++ b/Meta/Websites/serenityos.org/bounty/index.html
@@ -39,6 +39,7 @@
</p>
<p><b>Unclaimed bounties:</b></p>
<ul>
+ <li><b>2021-02-11:</b> <b>vakzz</b> wrote the first-ever full chain exploit, stringing together a LibJS bug and a kernel bug to create a web page that got root access when viewed in our browser. (<a href="https://devcraft.io/2021/02/11/serenityos-writing-a-full-chain-exploit.html">Writeup and exploit</a>)</li>
<li><b>2020-12-22:</b> <b>ALLES! CTF</b> found a kernel LPE due to missing EFLAGS validation in <code>ptrace()</code>. (<a href="https://github.com/allesctf/writeups/blob/master/2020/hxpctf/wisdom2/writeup.md">Writeup and exploit</a>)</li>
<li><b>2020-12-20:</b> <b>yyyyyyy</b> found a kernel LPE due to a race condition between <code>execve()</code> and <code>ptrace()</code>. (<a href="https://hxp.io/blog/79/hxp-CTF-2020-wisdom2/">Writeup and exploit</a>)</li>
<li><b>2019-12-30:</b> <b>Fire30</b> found a kernel LPE due to bad userspace pointer validation. (<a href="https://github.com/Fire30/CTF-WRITEUPS/tree/master/36c3_ctf/wisdom">Writeup and exploit</a>)</li>
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-14 10:47:08 +0000