Add kernelCTF CVE-2023-6560_mitigation

pocs/linux/kernelctf/CVE-2023-6560_mitigation/docs/vulnerability.md

@@ -0,0 +1,31 @@
+# Vulneribility
+An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. 
+
+## Requirements to trigger the vulnerability
+ - Capabilities:  N / A
+ - Kernel configuration: `CONFIG_IO_URING`
+ - Are user namespaces needed?: NO for triggering the bug, YES for my exploit but could be avoided.
+
+## Commit which introduced the vulnerability
+[io_uring: support for user allocated memory for rings/sqes](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=03d89a2de25bbc5c77e61a0cf77663978c4b6ea7)
+
+## Commit which fixed the vulnerability
+[io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=820d070feb668aab5bc9413c285a1dda2a70e076)
+
+## Affected kernel versions
+- before 6.6.5
+
+## Affected component, subsystem
+- io_uring
+
+## Cause
+- out-of-bounds memory access
+
+## Related syscalls
+
+- io_uring_setup
+- io_uring_enter
+
+## CVE URL
+
+[NVD - CVE-2023-6560](https://nvd.nist.gov/vuln/detail/CVE-2023-6560)

pocs/linux/kernelctf/CVE-2023-6560_mitigation/exploit/mitigation-v4-6.6/Makefile

@@ -0,0 +1,7 @@
+all: exploit
+
+exploit: exploit.c
+	gcc -o exploit exploit.c -static
+
+clean:
+	rm -rf exploit