corCTF 2023 sysruption - Exploiting Sysret on Linux in 2023
ID: 51032df2-6296-524d-bf48-ed8f3d4b3334
STIX ID: report--51032df2-6296-524d-bf48-ed8f3d4b3334
Feed Name: Will's Root
This corCTF 2023 writeup describes the "sysruption" challenge: a detailed exploit chain that revives a historic SYSRET/GPF micro-architectural/kernel issue on modern Linux. The author reverts an earlier kernel check, uses a prefetch (µarch) attack to leak kernel/physmap/gsbase values despite KASLR, and combines a ptrace-based non-canonical return PoC with ROP and kernel function-pointer overwrites (tcp_prot) to escalate to root. The report includes full PoC source and exploitation notes.
