leviathan/SKELETONKEY
1
0
Fork 0
Code Issues Pull Requests Actions 21 Packages Projects Releases Wiki Activity
Files
66cca39a552518a64e5de955660c12429a0da0a6
SKELETONKEY/core/verifications.c
T
leviathan 66cca39a55
release / build (arm64) (push) Waiting to run
Details
release / build (x86_64) (push) Waiting to run
Details
release / build (x86_64-static / musl) (push) Waiting to run
Details
release / build (arm64-static / musl) (push) Waiting to run
Details
release / release (push) Blocked by required conditions
Details
release v0.9.2: dirtydecrypt verified on mainline 6.19.7 (22 → 28) 
Verifies CVE-2026-31635 dirtydecrypt's OK path on a kernel that
predates the bug: 'kernel predates the rxgk RESPONSE-handling code
added in 7.0' — match. Confirms detect() doesn't false-positive on
older 6.x kernels.

Attempted fragnesia (CVE-2026-46300) but mainline 7.0.5 .debs depend
on libssl3t64 / libelf1t64 (t64-transition libs from Ubuntu 24.04+ /
Debian 13+). No Parallels-supported Vagrant box ships those yet —
dpkg --force-depends leaves the kernel package in iHR state with no
/boot/vmlinuz. Marked manual: true with rationale.

Verifier infrastructure: pin-mainline now uses dpkg --force-depends as
a fallback so partial-install state can at least be inspected.
2026-05-24 00:03:35 -04:00

330 lines
11 KiB
C
Raw Blame History

/*
* SKELETONKEY — verification records table
*
* AUTO-GENERATED by tools/refresh-verifications.py from
* docs/VERIFICATIONS.jsonl. Do not hand-edit; rerun the script.
*
* Source: tools/verify-vm/verify.sh appends one JSON record per
* run; this generator dedupes to (module, vm_box, kernel, expect)
* and keeps the latest by verified_at.
*/
#include "verifications.h"
#include <stddef.h>
#include <string.h>
#include <stdbool.h>
const struct verification_record verifications[] = {
{
.module = "af_packet",
.verified_at = "2026-05-23",
.host_kernel = "4.15.0-213-generic",
.host_distro = "Ubuntu 18.04.6 LTS",
.vm_box = "generic/ubuntu1804",
.expect_detect = "OK",
.actual_detect = "OK",
.status = "match",
},
{
.module = "af_packet2",
.verified_at = "2026-05-23",
.host_kernel = "5.4.0-169-generic",
.host_distro = "Ubuntu 20.04.6 LTS",
.vm_box = "generic/ubuntu2004",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "af_unix_gc",
.verified_at = "2026-05-23",
.host_kernel = "5.15.5-051505-generic",
.host_distro = "Ubuntu 22.04.3 LTS",
.vm_box = "generic/ubuntu2204",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "cgroup_release_agent",
.verified_at = "2026-05-23",
.host_kernel = "5.10.0-27-amd64",
.host_distro = "Debian GNU/Linux 11 (bullseye)",
.vm_box = "generic/debian11",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "cls_route4",
.verified_at = "2026-05-23",
.host_kernel = "5.15.0-43-generic",
.host_distro = "Ubuntu 20.04.6 LTS",
.vm_box = "generic/ubuntu2004",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "dirty_pipe",
.verified_at = "2026-05-23",
.host_kernel = "5.15.0-91-generic",
.host_distro = "Ubuntu 22.04.3 LTS",
.vm_box = "generic/ubuntu2204",
.expect_detect = "OK",
.actual_detect = "OK",
.status = "match",
},
{
.module = "dirtydecrypt",
.verified_at = "2026-05-24",
.host_kernel = "6.19.7-061907-generic",
.host_distro = "Ubuntu 22.04.3 LTS",
.vm_box = "generic/ubuntu2204",
.expect_detect = "OK",
.actual_detect = "OK",
.status = "match",
},
{
.module = "entrybleed",
.verified_at = "2026-05-23",
.host_kernel = "5.15.0-91-generic",
.host_distro = "Ubuntu 22.04.3 LTS",
.vm_box = "generic/ubuntu2204",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "fuse_legacy",
.verified_at = "2026-05-23",
.host_kernel = "5.10.0-27-amd64",
.host_distro = "Debian GNU/Linux 11 (bullseye)",
.vm_box = "generic/debian11",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "netfilter_xtcompat",
.verified_at = "2026-05-23",
.host_kernel = "5.10.0-27-amd64",
.host_distro = "Debian GNU/Linux 11 (bullseye)",
.vm_box = "generic/debian11",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "nf_tables",
.verified_at = "2026-05-23",
.host_kernel = "5.15.5-051505-generic",
.host_distro = "Ubuntu 22.04.3 LTS",
.vm_box = "generic/ubuntu2204",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "nft_fwd_dup",
.verified_at = "2026-05-23",
.host_kernel = "5.10.0-27-amd64",
.host_distro = "Debian GNU/Linux 11 (bullseye)",
.vm_box = "generic/debian11",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "nft_payload",
.verified_at = "2026-05-23",
.host_kernel = "5.15.0-43-generic",
.host_distro = "Ubuntu 20.04.6 LTS",
.vm_box = "generic/ubuntu2004",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "nft_pipapo",
.verified_at = "2026-05-24",
.host_kernel = "5.15.5-051505-generic",
.host_distro = "Ubuntu 22.04.3 LTS",
.vm_box = "generic/ubuntu2204",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "nft_set_uaf",
.verified_at = "2026-05-23",
.host_kernel = "5.15.5-051505-generic",
.host_distro = "Ubuntu 22.04.3 LTS",
.vm_box = "generic/ubuntu2204",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "overlayfs",
.verified_at = "2026-05-23",
.host_kernel = "5.4.0-169-generic",
.host_distro = "Ubuntu 20.04.6 LTS",
.vm_box = "generic/ubuntu2004",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "overlayfs_setuid",
.verified_at = "2026-05-23",
.host_kernel = "5.15.0-91-generic",
.host_distro = "Ubuntu 22.04.3 LTS",
.vm_box = "generic/ubuntu2204",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "pack2theroot",
.verified_at = "2026-05-23",
.host_kernel = "6.1.0-17-amd64",
.host_distro = "Debian GNU/Linux 12 (bookworm)",
.vm_box = "generic/debian12",
.expect_detect = "PRECOND_FAIL",
.actual_detect = "PRECOND_FAIL",
.status = "match",
},
{
.module = "ptrace_traceme",
.verified_at = "2026-05-23",
.host_kernel = "4.15.0-213-generic",
.host_distro = "Ubuntu 18.04.6 LTS",
.vm_box = "generic/ubuntu1804",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "pwnkit",
.verified_at = "2026-05-23",
.host_kernel = "5.4.0-169-generic",
.host_distro = "Ubuntu 20.04.6 LTS",
.vm_box = "generic/ubuntu2004",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "sequoia",
.verified_at = "2026-05-23",
.host_kernel = "5.4.0-169-generic",
.host_distro = "Ubuntu 20.04.6 LTS",
.vm_box = "generic/ubuntu2004",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "stackrot",
.verified_at = "2026-05-23",
.host_kernel = "6.1.10-060110-generic",
.host_distro = "Ubuntu 22.04.3 LTS",
.vm_box = "generic/ubuntu2204",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "sudo_chwoot",
.verified_at = "2026-05-24",
.host_kernel = "5.15.0-91-generic",
.host_distro = "Ubuntu 22.04.3 LTS",
.vm_box = "generic/ubuntu2204",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "sudo_runas_neg1",
.verified_at = "2026-05-24",
.host_kernel = "4.15.0-213-generic",
.host_distro = "Ubuntu 18.04.6 LTS",
.vm_box = "generic/ubuntu1804",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "sudo_samedit",
.verified_at = "2026-05-23",
.host_kernel = "4.15.0-213-generic",
.host_distro = "Ubuntu 18.04.6 LTS",
.vm_box = "generic/ubuntu1804",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "sudoedit_editor",
.verified_at = "2026-05-23",
.host_kernel = "5.15.0-91-generic",
.host_distro = "Ubuntu 22.04.3 LTS",
.vm_box = "generic/ubuntu2204",
.expect_detect = "PRECOND_FAIL",
.actual_detect = "PRECOND_FAIL",
.status = "match",
},
{
.module = "tioscpgrp",
.verified_at = "2026-05-24",
.host_kernel = "5.4.0-26-generic",
.host_distro = "Ubuntu 20.04.6 LTS",
.vm_box = "generic/ubuntu2004",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
{
.module = "udisks_libblockdev",
.verified_at = "2026-05-24",
.host_kernel = "6.1.0-17-amd64",
.host_distro = "Debian GNU/Linux 12 (bookworm)",
.vm_box = "generic/debian12",
.expect_detect = "VULNERABLE",
.actual_detect = "VULNERABLE",
.status = "match",
},
};
const size_t verifications_count =
sizeof(verifications) / sizeof(verifications[0]);
const struct verification_record *
verifications_for_module(const char *module, size_t *count_out)
{
if (count_out) *count_out = 0;
if (!module) return NULL;
const struct verification_record *first = NULL;
size_t n = 0;
for (size_t i = 0; i < verifications_count; i++) {
if (strcmp(verifications[i].module, module) == 0) {
if (first == NULL) first = &verifications[i];
n++;
}
}
if (count_out) *count_out = n;
return first;
}
bool verifications_module_has_match(const char *module)
{
size_t n = 0;
const struct verification_record *r = verifications_for_module(module, &n);
for (size_t i = 0; i < n; i++)
if (r[i].status && strcmp(r[i].status, "match") == 0)
return true;
return false;
}
Reference in New Issue View Git Blame Copy Permalink