To all KernelSU users:
Please upgrade to version 0.6.9 or above AS SOON AS POSSIBLE, it contains a very important security fix; in the worst case, the vulnerability(CVE-2023-5521) may cause root privileges to be taken over by malicious programs.
Please note that just upgrading the Manager application has no effect, you need to upgrade the kernel!
Credits to 0x33c0unt for submitting this vulnerability. His detailed description and PoC provided us with great help!
Also I would like to reiterate that we welcome any security researchers to discuss KernelSU's potential attack surfaces with us. We will spare no effort to improve KernelSU's security.