Linux Kernel Security
@linkersec.bsky.social
Links related to Linux kernel security and exploitation.
Maintained by @andreyknvl.bsky.social and Alexander Popov.
Also on https://t.me/linkersec, https://x.com/linkersec, and https://infosec.exchange/@linkersec.
Maintained by @andreyknvl.bsky.social and Alexander Popov.
Also on https://t.me/linkersec, https://x.com/linkersec, and https://infosec.exchange/@linkersec.
The article also refers to another post "A hole in FineIBT protection" about a method to bypass this CFI mechanism.
lwn.net/Articles/101...
lwn.net/Articles/101...
November 14, 2025 at 1:22 PM
The article also refers to another post "A hole in FineIBT protection" about a method to bypass this CFI mechanism.
lwn.net/Articles/101...
lwn.net/Articles/101...
The article shows an interesting scenario of how a NULL-pointer-dereference can lead to a more severe memory corruption. It also demonstrates a few techniques of shaping vmalloc memory for exploitation.
October 25, 2025 at 12:44 AM
The article shows an interesting scenario of how a NULL-pointer-dereference can lead to a more severe memory corruption. It also demonstrates a few techniques of shaping vmalloc memory for exploitation.
The article also gives a summary about the exploitable bugs the author managed to find in the same subsystem.
September 26, 2025 at 1:17 PM
The article also gives a summary about the exploitable bugs the author managed to find in the same subsystem.
The exploit gains control over the page tables and overwrites the kernel code to bypass SELinux and escalate privileges.
u1f383.github.io/assets/corct...
u1f383.github.io/assets/corct...
u1f383.github.io
September 24, 2025 at 1:19 PM
The exploit gains control over the page tables and overwrites the kernel code to bypass SELinux and escalate privileges.
u1f383.github.io/assets/corct...
u1f383.github.io/assets/corct...
Covers the improvements made to the fuzzer since the previous article. These improvements allowed finding an impressive amount of 23 bugs in ksmbd.
blog.doyensec.com/2025/01/07/k...
blog.doyensec.com/2025/01/07/k...
September 10, 2025 at 3:49 PM
Covers the improvements made to the fuzzer since the previous article. These improvements allowed finding an impressive amount of 23 bugs in ksmbd.
blog.doyensec.com/2025/01/07/k...
blog.doyensec.com/2025/01/07/k...
Despite the bug collision with other researchers, Alexander found a new exploitation method for this bug by relying on his pet project kernel-hack-drill.
github.com/a13xp0p0v/ke...
github.com/a13xp0p0v/ke...
GitHub - a13xp0p0v/kernel-hack-drill: Linux kernel exploitation experiments
Linux kernel exploitation experiments. Contribute to a13xp0p0v/kernel-hack-drill development by creating an account on GitHub.
github.com
September 4, 2025 at 7:15 PM
Despite the bug collision with other researchers, Alexander found a new exploitation method for this bug by relying on his pet project kernel-hack-drill.
github.com/a13xp0p0v/ke...
github.com/a13xp0p0v/ke...