leviathan/SKELETONKEY
1
0
Fork 0
Code Issues Pull Requests Actions 21 Packages Projects Releases Wiki Activity

site: revert CVE table → pill grid

Browse Source 
The sortable table was denser but lost the visual scan-ability of
the color-coded pill grid. Restoring the pill view: two grouped
sections (🟢 / 🟡) each showing every module name as a pill.

Drops the table-sort JS (~25 lines) and the .cve-table CSS block.
This commit is contained in:
KaraZajac
2026-05-17 02:25:25 -04:00
parent 5be3c46719
commit 33f81aeb69
2 changed files with 35 additions and 136 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/index.html
+35 -76
View File
@@ -99,53 +99,42 @@
</div> </div>
</div> </div>
<p style="color: var(--text-muted); font-size:0.92rem; margin:0.5rem 0 1rem;"> <h3 style="color: var(--green);">🟢 Lands root on a vulnerable host</h3>
Sortable by clicking column headers. 🟢 = lands root by <p style="color: var(--text-muted); font-size:0.92rem; margin:0.25rem 0 0.25rem;">Structural exploits + page-cache writes. No per-kernel offsets needed.</p>
default · 🟡 = primitive + opt-in <code>--full-chain</code>. <div class="pills">
</p> <span class="pill green">copy_fail</span>
<span class="pill green">copy_fail_gcm</span>
<span class="pill green">dirty_frag_esp</span>
<span class="pill green">dirty_frag_esp6</span>
<span class="pill green">dirty_frag_rxrpc</span>
<span class="pill green">dirty_pipe</span>
<span class="pill green">dirty_cow</span>
<span class="pill green">pwnkit</span>
<span class="pill green">overlayfs</span>
<span class="pill green">overlayfs_setuid</span>
<span class="pill green">cgroup_release_agent</span>
<span class="pill green">ptrace_traceme</span>
<span class="pill green">sudoedit_editor</span>
<span class="pill green">entrybleed</span>
</div>
<div class="table-wrap"> <h3 style="color: var(--yellow);">🟡 Fires kernel primitive · opt-in <code>--full-chain</code></h3>
<table class="cve-table" id="cve-table"> <p style="color: var(--text-muted); font-size:0.92rem; margin:0.25rem 0 0.25rem;">Default returns <code>EXPLOIT_FAIL</code> honestly. With <code>--full-chain</code> + resolved offsets, runs the shared modprobe_path finisher.</p>
<thead> <div class="pills">
<tr> <span class="pill yellow">nf_tables</span>
<th data-key="year" class="sortable" data-dir="desc">Year</th> <span class="pill yellow">nft_set_uaf</span>
<th data-key="cve" class="sortable">CVE</th> <span class="pill yellow">nft_fwd_dup</span>
<th data-key="bug">Bug</th> <span class="pill yellow">nft_payload</span>
<th data-key="module" class="sortable">Module</th> <span class="pill yellow">netfilter_xtcompat</span>
<th data-key="tier" class="sortable">Tier</th> <span class="pill yellow">af_packet</span>
</tr> <span class="pill yellow">af_packet2</span>
</thead> <span class="pill yellow">af_unix_gc</span>
<tbody> <span class="pill yellow">cls_route4</span>
<tr><td>2024</td><td>CVE-2024-1086</td><td>nf_tables <code>nft_verdict_init</code> cross-cache UAF</td><td><code>nf_tables</code></td><td><span class="tier yellow">🟡 primitive</span></td></tr> <span class="pill yellow">fuse_legacy</span>
<tr><td>2023</td><td>CVE-2023-32233</td><td>nf_tables anonymous-set UAF</td><td><code>nft_set_uaf</code></td><td><span class="tier yellow">🟡 primitive</span></td></tr> <span class="pill yellow">stackrot</span>
<tr><td>2023</td><td>CVE-2023-22809</td><td>sudoedit <code>EDITOR</code>/<code>VISUAL</code> <code>--</code> argv escape</td><td><code>sudoedit_editor</code></td><td><span class="tier green">🟢 full chain</span></td></tr> <span class="pill yellow">sudo_samedit</span>
<tr><td>2023</td><td>CVE-2023-4622</td><td>AF_UNIX garbage-collector race UAF</td><td><code>af_unix_gc</code></td><td><span class="tier yellow">🟡 primitive</span></td></tr> <span class="pill yellow">sequoia</span>
<tr><td>2023</td><td>CVE-2023-3269</td><td>StackRot — maple-tree VMA-split UAF</td><td><code>stackrot</code></td><td><span class="tier yellow">🟡 primitive</span></td></tr> <span class="pill yellow">vmwgfx</span>
<tr><td>2023</td><td>CVE-2023-2008</td><td>vmwgfx DRM buffer-object OOB write</td><td><code>vmwgfx</code></td><td><span class="tier yellow">🟡 primitive</span></td></tr>
<tr><td>2023</td><td>CVE-2023-0386</td><td>overlayfs <code>copy_up</code> preserves setuid bit</td><td><code>overlayfs_setuid</code></td><td><span class="tier green">🟢 full chain</span></td></tr>
<tr><td>2023</td><td>CVE-2023-0458</td><td>EntryBleed — KPTI prefetchnta KASLR bypass</td><td><code>entrybleed</code></td><td><span class="tier green">🟢 leak</span></td></tr>
<tr><td>2023</td><td>CVE-2023-0179</td><td>nft_payload set-id memory corruption</td><td><code>nft_payload</code></td><td><span class="tier yellow">🟡 primitive</span></td></tr>
<tr><td>2022</td><td>CVE-2022-25636</td><td>nft_fwd_dup_netdev_offload heap OOB</td><td><code>nft_fwd_dup</code></td><td><span class="tier yellow">🟡 primitive</span></td></tr>
<tr><td>2022</td><td>CVE-2022-2588</td><td>net/sched cls_route4 dangling-filter UAF</td><td><code>cls_route4</code></td><td><span class="tier yellow">🟡 primitive</span></td></tr>
<tr><td>2022</td><td>CVE-2022-0492</td><td>cgroup v1 <code>release_agent</code> ns mismatch</td><td><code>cgroup_release_agent</code></td><td><span class="tier green">🟢 full chain</span></td></tr>
<tr><td>2022</td><td>CVE-2022-0847</td><td>Dirty Pipe — page-cache write via splice</td><td><code>dirty_pipe</code></td><td><span class="tier green">🟢 full chain</span></td></tr>
<tr><td>2022</td><td>CVE-2022-0185</td><td>fsconfig <code>legacy_parse_param</code> 4k heap OOB</td><td><code>fuse_legacy</code></td><td><span class="tier yellow">🟡 primitive</span></td></tr>
<tr><td>2021</td><td>CVE-2021-33909</td><td>Sequoia — <code>seq_file</code> size_t→int wrap</td><td><code>sequoia</code></td><td><span class="tier yellow">🟡 primitive</span></td></tr>
<tr><td>2021</td><td>CVE-2021-3156</td><td>sudo Baron Samedit heap overflow</td><td><code>sudo_samedit</code></td><td><span class="tier yellow">🟡 primitive</span></td></tr>
<tr><td>2021</td><td>CVE-2021-3493</td><td>Ubuntu overlayfs userns file-cap injection</td><td><code>overlayfs</code></td><td><span class="tier green">🟢 full chain</span></td></tr>
<tr><td>2021</td><td>CVE-2021-22555</td><td>iptables xt_compat 4-byte heap OOB</td><td><code>netfilter_xtcompat</code></td><td><span class="tier yellow">🟡 primitive</span></td></tr>
<tr><td>2021</td><td>CVE-2021-4034</td><td>Pwnkit — pkexec NULL argv env-injection</td><td><code>pwnkit</code></td><td><span class="tier green">🟢 full chain</span></td></tr>
<tr><td>2020</td><td>CVE-2020-14386</td><td>AF_PACKET <code>tp_reserve</code> integer underflow</td><td><code>af_packet2</code></td><td><span class="tier yellow">🟡 primitive</span></td></tr>
<tr><td>2019</td><td>CVE-2019-13272</td><td>PTRACE_TRACEME → setuid execve race</td><td><code>ptrace_traceme</code></td><td><span class="tier green">🟢 full chain</span></td></tr>
<tr><td>2017</td><td>CVE-2017-7308</td><td>AF_PACKET TPACKET_V3 integer overflow</td><td><code>af_packet</code></td><td><span class="tier yellow">🟡 primitive</span></td></tr>
<tr><td>2016</td><td>CVE-2016-5195</td><td>Dirty COW — COW race via <code>/proc/self/mem</code></td><td><code>dirty_cow</code></td><td><span class="tier green">🟢 full chain</span></td></tr>
<tr><td>2026</td><td>CVE-2026-31431</td><td>Copy Fail — algif_aead authencesn page-cache write</td><td><code>copy_fail</code></td><td><span class="tier green">🟢 full chain</span></td></tr>
<tr><td>2026</td><td>CVE-2026-43284</td><td>Dirty Frag — IPv4 xfrm-ESP page-cache write</td><td><code>dirty_frag_esp</code></td><td><span class="tier green">🟢 full chain</span></td></tr>
<tr><td>2026</td><td>CVE-2026-43284</td><td>Dirty Frag — IPv6 xfrm-ESP (esp6)</td><td><code>dirty_frag_esp6</code></td><td><span class="tier green">🟢 full chain</span></td></tr>
<tr><td>2026</td><td>CVE-2026-43500</td><td>Dirty Frag — RxRPC handshake forgery</td><td><code>dirty_frag_rxrpc</code></td><td><span class="tier green">🟢 full chain</span></td></tr>
<tr><td>2026</td><td>variant</td><td>Copy Fail GCM — rfc4106(gcm(aes)) sibling</td><td><code>copy_fail_gcm</code></td><td><span class="tier green">🟢 full chain</span></td></tr>
</tbody>
</table>
</div> </div>
</div> </div>
</section> </section>
@@ -292,36 +281,6 @@ function copyInstall(btn) {
}); });
} }
/* CVE table sort */
(function() {
var table = document.getElementById('cve-table');
if (!table) return;
var headers = table.querySelectorAll('th.sortable');
headers.forEach(function(th, idx) {
th.style.cursor = 'pointer';
th.addEventListener('click', function() {
var tbody = table.querySelector('tbody');
var rows = Array.prototype.slice.call(tbody.querySelectorAll('tr'));
var dir = th.getAttribute('data-dir') === 'asc' ? 'desc' : 'asc';
headers.forEach(function(h) { h.removeAttribute('data-dir'); });
th.setAttribute('data-dir', dir);
rows.sort(function(a, b) {
var av = a.children[idx].innerText.trim();
var bv = b.children[idx].innerText.trim();
var na = parseFloat(av), nb = parseFloat(bv);
if (!isNaN(na) && !isNaN(nb)) { av = na; bv = nb; }
if (av < bv) return dir === 'asc' ? -1 : 1;
if (av > bv) return dir === 'asc' ? 1 : -1;
return 0;
});
rows.forEach(function(r) { tbody.appendChild(r); });
});
});
/* default sort: Year desc */
var first = table.querySelector('th[data-key="year"]');
if (first) first.click(); /* asc */
if (first) first.click(); /* desc */
})();
</script> </script>
</body> </body>
docs/style.css
-60
View File
@@ -253,66 +253,6 @@ section h3 {
.pill.green { border-color: rgba(63, 185, 80, 0.4); color: var(--green); } .pill.green { border-color: rgba(63, 185, 80, 0.4); color: var(--green); }
.pill.yellow { border-color: rgba(210, 153, 34, 0.4); color: var(--yellow); } .pill.yellow { border-color: rgba(210, 153, 34, 0.4); color: var(--yellow); }
/* CVE table */
.table-wrap {
overflow-x: auto;
border: 1px solid var(--border);
border-radius: 6px;
background: var(--bg-elevated);
}
table.cve-table {
width: 100%;
border-collapse: collapse;
font-size: 0.9rem;
}
table.cve-table th,
table.cve-table td {
text-align: left;
padding: 0.55rem 0.85rem;
border-bottom: 1px solid var(--border);
vertical-align: top;
white-space: nowrap;
}
table.cve-table th {
background: rgba(255, 255, 255, 0.02);
color: var(--text-muted);
font-weight: 600;
font-size: 0.82rem;
text-transform: uppercase;
letter-spacing: 0.05em;
}
table.cve-table th.sortable { cursor: pointer; user-select: none; }
table.cve-table th.sortable:hover { color: var(--text); }
table.cve-table th[data-dir="asc"]::after { content: " ▲"; opacity: 0.7; }
table.cve-table th[data-dir="desc"]::after { content: " ▼"; opacity: 0.7; }
table.cve-table td:nth-child(3) { white-space: normal; min-width: 280px; }
table.cve-table tr:last-child td { border-bottom: none; }
table.cve-table tr:hover td { background: rgba(255, 255, 255, 0.025); }
table.cve-table code {
background: rgba(255, 255, 255, 0.04);
border: 1px solid var(--border);
padding: 0.05rem 0.3rem;
border-radius: 3px;
font-size: 0.86em;
}
.tier {
display: inline-block;
font-family: var(--mono);
font-size: 0.78rem;
padding: 0.15rem 0.5rem;
border-radius: 4px;
border: 1px solid var(--border);
}
.tier.green { color: var(--green); border-color: rgba(63, 185, 80, 0.4); }
.tier.yellow { color: var(--yellow); border-color: rgba(210, 153, 34, 0.4); }
@media (max-width: 600px) {
table.cve-table { font-size: 0.82rem; }
table.cve-table th,
table.cve-table td { padding: 0.45rem 0.6rem; }
}
/* Code block */ /* Code block */
pre.code { pre.code {
background: var(--bg-elevated); background: var(--bg-elevated);