René's URL Explorer Experiment


Title: GitHub - TomWo/linux-kernel-exploitation: A bunch of links related to Linux kernel fuzzing and exploitation

Description: A bunch of links related to Linux kernel fuzzing and exploitation - TomWo/linux-kernel-exploitation

Opengraph URL: https://github.com/TomWo/linux-kernel-exploitation

Links:

Linux Kernel Exploitation
Exploitation techniques:
2017: "New Reliable Android Kernel Root Exploitation Techniques" http://powerofcommunity.net/poc2016/x82.pdf
2017: "Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying" https://www.internetsociety.org/sites/default/files/ndss2017_09-2_Lu_paper.pdf
2016: "Linux Kernel ROP - Ropping your way to # (Part 1)" by Vitaly Nikolenko https://www.trustwave.com/Resources/SpiderLabs-Blog/Linux-Kernel-ROP---Ropping-your-way-to---(Part-1)/
2016: "Linux Kernel ROP - Ropping your way to # (Part 2)" by Vitaly Nikolenko https://www.trustwave.com/Resources/SpiderLabs-Blog/Linux-Kernel-ROP---Ropping-your-way-to---(Part-2)/
2016, Ruxcon: "Exploiting COF Vulnerabilities in the Linux kernel" by Vitaly Nikolenko https://ruxcon.org.au/assets/2016/slides/ruxcon2016-Vitaly.pdf
2016: "Using userfaultfd" by Lizzie Dixon https://blog.lizzie.io/using-userfaultfd.html
2016, DEF CON 24: "Direct Memory Attack the Kernel" by Ulf Frisk https://www.youtube.com/watch?v=fXthwl6ShOg
2016, MOSEC 2016: "Talk is cheap, show me the code" by Keen Lab https://speakerdeck.com/retme7/talk-is-cheap-show-me-the-code
2015: "Kernel Data Attack is a Realistic Security Threat" https://www.eecis.udel.edu/~hnw/paper/kerneldata.pdf
2015: "From Collision To Exploitation: Unleashing Use-After-Free Vulnerabilities in Linux Kernel" https://loccs.sjtu.edu.cn/~romangol/download/papers/gossip_ccs2015.pdf
2015: "Linux Kernel Exploitation" by Patrick Biernat http://security.cs.rpi.edu/courses/binexp-spring2015/lectures/23/13_lecture.pdf
2014: "Writing kernel exploits" by Keegan McAllister https://tc.gtisc.gatech.edu/bss/2014/r/kernel-exploits.pdf
2013: "Kernel stack overflows (basics)" by Essa Alkuwari https://blog.0x80.org/kernel-stack-overflows-basics/
2013, Black Hat USA: "Hacking like in the Movies: Visualizing Page Tables for Local Exploitation" https://www.youtube.com/watch?v=Of6DemoMLaA
2012: "Understanding Linux Kernel Vulnerabilities" by Richard Carback https://www.csee.umbc.edu/courses/undergraduate/421/Spring12/02/slides/ULKV.pdf
2012: "A Heap of Trouble: Breaking the Linux Kernel SLOB Allocator" by Dan Rosenberg https://www.vsecurity.com//download/papers/slob-exploitation.pdf
2012: "Attacking hardened Linux systems with kernel JIT spraying" by Keegan McAllister https://mainisusuallyafunction.blogspot.ru/2012/11/attacking-hardened-linux-systems-with.html
2012: "A Guide to Kernel Exploitation: Attacking the Core" by Enrico Perla and Massimiliano Oldani https://www.pdf-archive.com/2011/02/24/a-guide-to-kernel-exploitation/a-guide-to-kernel-exploitation.pdf
2012: "The Linux kernel memory allocators from an exploitation perspective" by Patroklos Argyroudis https://argp.github.io/2012/01/03/linux-kernel-heap-exploitation/
2011: "Stackjacking Your Way to grsec/PaX Bypass" by Jon Oberheide https://jon.oberheide.org/blog/2011/04/20/stackjacking-your-way-to-grsec-pax-bypass/
2010: "Much ado about NULL: Exploiting a kernel NULL dereference" https://blogs.oracle.com/ksplice/entry/much_ado_about_null_exploiting1
2010: "Exploiting Stack Overflows in the Linux Kernel" by Jon Oberheide https://jon.oberheide.org/blog/2010/11/29/exploiting-stack-overflows-in-the-linux-kernel/
2010, SOURCE Boston: "Linux Kernel Exploitation: Earning Its Pwnie a Vuln at a Time" by Jon Oberheide https://jon.oberheide.org/files/source10-linuxkernel-jonoberheide.pdf
2009, CanSecWest: "There's a party at ring0, and you're invited" by Tavis Ormandy and Julien Tinnes https://www.cr0.org/paper/to-jt-party-at-ring0.pdf
2007: "Kernel-mode exploits primer" by Sylvester Keil and Clemens Kolbitsch http://old.iseclab.org/projects/vifuzz/docs/exploit.pdf
2007, Phrack: "Attacking the Core : Kernel Exploiting Notes" http://phrack.org/archives/issues/64/6.txt
2007: "The story of exploiting kmalloc() overflows" http://www.ouah.org/kmallocstory.html
2005, CanSecWest: "Large memory management vulnerabilities" by Gael Delalleau https://cansecwest.com/core05/memory_vulns_delalleau.pdf
2005: "The story of exploiting kmalloc() overflows" https://argp.github.io/public/kmalloc_exploitation.pdf
Writeups:
Information leak:
2017: "The Infoleak that (Mostly) Wasn't" by Brad Spengler https://grsecurity.net/the_infoleak_that_mostly_wasnt.php
2016: "Exploiting a Linux Kernel Infoleak to bypass Linux kASLR" https://marcograss.github.io/security/linux/2016/01/24/exploiting-infoleak-linux-kaslr-bypass.html
2010: "Linux Kernel pktcdvd Memory Disclosure" by Jon Oberheide https://jon.oberheide.org/blog/2010/10/23/linux-kernel-pktcdvd-memory-disclosure/
2009: "Linux Kernel x86-64 Register Leak" by Jon Oberheide https://jon.oberheide.org/blog/2009/10/04/linux-kernel-x86-64-register-leak/
2009: "Linux Kernel getname() Stack Memory Disclosures" by Jon Oberheide https://jon.oberheide.org/blog/2009/08/29/linux-kernel-getname-stack-memory-disclosures/
LPE:
2017: "Dirty COW and why lying is bad even if you are the Linux kernel" https://chao-tic.github.io/blog/2017/05/24/dirty-cow
2017: "NDAY-2017-0103: Arbitrary kernel write in sys_oabi_epoll_wait" by Zuk Avraham https://blog.zimperium.com/nday-2017-0103-arbitrary-kernel-write-in-sys_oabi_epoll_wait/
2017: "NDAY-2017-0106: Elevation of Privilege in NVIDIA nvhost-vic driver" by Zuk Avraham https://blog.zimperium.com/nday-2017-0106-elevation-of-privilege-in-nvidia-nvhost-vic-driver/
2017: "PWN2OWN 2017 Linux kernel privilege escalation analysis" https://zhuanlan.zhihu.com/p/26674557
2017: "Exploiting the Linux kernel via packet sockets" by Andrey Konovalov https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html
2017: "NDAY-2017-0105: Elevation of Privilege Vulnerability in MSM Thermal Driver" by Zuk Avraham https://blog.zimperium.com/nday-2017-0105-elevation-of-privilege-vulnerability-in-msm-thermal-driver/
2017: "NDAY-2017-0102: Elevation of Privilege Vulnerability in NVIDIA Video Driver" by Zuk Avraham https://blog.zimperium.com/nday-2017-0102-elevation-of-privilege-vulnerability-in-nvidia-video-driver/
2017: "CVE-2017-2636: exploit the race condition in the n_hdlc Linux kernel driver bypassing SMEP" by Alexander Popov https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html
2017: "CVE-2017-2636: local privilege escalation flaw in n_hdlc" by Alexander Popov http://seclists.org/oss-sec/2017/q1/569
2017: "CVE-2017-6074: DCCP double-free vulnerability (local root)" by Andrey Konovalov http://seclists.org/oss-sec/2017/q1/471
2016: "CVE-2016-8655 Linux af_packet.c race condition (local root)" by Philip Pettersson http://seclists.org/oss-sec/2016/q4/607
2016, Black Hat: "Rooting Every Android From Extension To Exploitation" by Di Shen and James Fang https://speakerdeck.com/retme7/rooting-every-android-from-extension-to-exploitation
2016: "Talk is Cheap, Show Me the Code" by James Fang, Di Shen and Wen Niu https://speakerdeck.com/retme7/talk-is-cheap-show-me-the-code
2016: "CVE-2016-3873: Arbitrary Kernel Write in Nexus 9" by Sagi Kedmi https://sagi.io/2016/09/cve-2016-3873-arbitrary-kernel-write-in-nexus-9/
2016, Project Zero: "Exploiting Recursion in the Linux Kernel" by Jann Horn https://googleprojectzero.blogspot.de/2016/06/exploiting-recursion-in-linux-kernel_20.html
2016: "ANALYSIS AND EXPLOITATION OF A LINUX KERNEL VULNERABILITY (CVE-2016-0728)" By Perception Point Research Team http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
2016: "CVE20160728 Exploit Code Explained" by Shilong Zhao http://dreamhack.it/linux/2016/01/25/cve-2016-0728-exploit-code-explained.html
2016: "CVE-2016-0728 vs Android" by Collin Mulliner https://www.mulliner.org/blog/blosxom.cgi/security/CVE-2016-0728_vs_android.writeback?advanced_search=1
2016: "Notes about CVE-2016-7117" by Lizzie Dixon https://blog.lizzie.io/notes-about-cve-2016-7117.html
2016: "CVE-2016-2384: exploiting a double-free in the usb-midi linux kernel driver" by Andrey Konovalov https://xairy.github.io/blog/2016/cve-2016-2384
2016: "CVE-2016-6187: Exploiting Linux kernel heap off-by-one" by Vitaly Nikolenko https://cyseclabs.com/blog/cve-2016-6187-heap-off-by-one-exploit
2016: "CVE-2014-2851 group_info UAF Exploitation" by Vitaly Nikolenko https://cyseclabs.com/page?n=02012016
2016, HITB Ams: "Perf: From Profiling To Kernel Exploiting" by Wish Wu https://conference.hitb.org/hitbsecconf2016ams/wp-content/uploads/2015/11/D2T2-Wish-Wu-Perf-From-Profiling-to-Kernel-Exploiting.pdf
2016, HITB Ams: "Perf: From Profiling To Kernel Exploiting" by Wish Wu https://www.youtube.com/watch?v=37v14rMtALs
2015: "Android linux kernel privilege escalation vulnerability and exploit (CVE-2014-4322)" by Gal Beniamini https://bits-please.blogspot.de/2015/08/android-linux-kernel-privilege.html
2015: "Exploiting "BadIRET" vulnerability" by Rafal Wojtczuk https://labs.bromium.com/2015/02/02/exploiting-badiret-vulnerability-cve-2014-9322-linux-kernel-privilege-escalation/
2015: "Follow-up on Exploiting "BadIRET" vulnerability (CVE-2014-9322)" by Adam Zabrocki http://blog.pi3.com.pl/?p=509
2015, Black Hat: "Ah! Universal Android Rooting Is Back" by Wen Xu https://www.blackhat.com/docs/us-15/materials/us-15-Xu-Ah-Universal-Android-Rooting-Is-Back-wp.pdf
2015, Black Hat: "Ah! Universal Android Rooting Is Back" by Wen Xu https://www.blackhat.com/docs/us-15/materials/us-15-Xu-Ah-Universal-Android-Rooting-Is-Back.pdf
2015, Black Hat: "Ah! Universal Android Rooting Is Back" by Wen Xu https://www.youtube.com/watch?v=HVP1c7Ct1nM
2015: "When is something overflowing" by Keen Team https://www.slideshare.net/PeterHlavaty/overflow-48573748
2015, Project Zero: "Exploiting the DRAM rowhammer bug to gain kernel privileges" by Mark Seaborn and Thomas Dullien https://googleprojectzero.blogspot.de/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
2014: "Exploiting CVE-2014-0196 a walk-through of the Linux pty race condition PoC" by Samuel Gross http://blog.includesecurity.com/2014/06/exploit-walkthrough-cve-2014-0196-pty-kernel-race-condition.html
2014: "CVE-2014-4943 - PPPoL2TP DoS Analysis" by Vitaly Nikolenko https://cyseclabs.com/page?n=01102015
2014: "CVE-2014-4014: Linux Kernel Local Privilege Escalation "exploitation"" by Vitaly Nikolenko https://cyseclabs.com/blog/cve-2014-4014-local-privilege-escalation
2014: "CVE-2014-4699: Linux Kernel ptrace/sysret vulnerability analysis" by Vitaly Nikolenko https://cyseclabs.com/blog/cve-2014-4699-linux-kernel-ptrace-sysret-analysis
2014: "How to exploit the x32 recvmmsg() kernel vulnerability CVE 2014-0038" by Samuel Gross http://blog.includesecurity.com/2014/03/exploit-CVE-2014-0038-x32-recvmmsg-kernel-vulnerablity.html
2014: "Exploiting the Futex Bug and uncovering Towelroot" http://tinyhack.com/2014/07/07/exploiting-the-futex-bug-and-uncovering-towelroot/
2014: "CVE-2014-3153 Exploit" by Joel Eriksson http://www.clevcode.org/cve-2014-3153-exploit/
2013: "Privilege Escalation Kernel Exploit" by Julius Plenz https://blog.plenz.com/2013-02/privilege-escalation-kernel-exploit.html
2013: "A closer look at a recent privilege escalation bug in Linux (CVE-2013-2094)" by Joe Damato http://timetobleed.com/a-closer-look-at-a-recent-privilege-escalation-bug-in-linux-cve-2013-2094/
2012: "Linux Local Privilege Escalation via SUID /proc/pid/mem Write" by Jason Donenfeld https://git.zx2c4.com/CVE-2012-0056/about/
2011, DEF CON 19: "Kernel Exploitation Via Uninitialized Stack" by Kees Cook https://www.defcon.org/images/defcon-19/dc-19-presentations/Cook/DEFCON-19-Cook-Kernel-Exploitation.pdf
2011, DEF CON 19: "Kernel Exploitation Via Uninitialized Stack" by Kees Cook https://www.youtube.com/watch?v=jg-wnwnkbsy
2010: "Some Notes on CVE-2010-3081 Exploitability" https://blog.nelhage.com/2010/11/exploiting-cve-2010-3081/
2010: "CVE-2010-4258: Turning Denial-of-service Into Privilege Escalation" by Nelson Elhage https://blog.nelhage.com/2010/12/cve-2010-4258-from-dos-to-privesc/
2010: "CVE-2007-4573: The Anatomy of a Kernel Exploit" by Nelson Elhage https://blog.nelhage.com/2010/02/cve-2007-4573-the-anatomy-of-a-kernel-exploit/
2010: "Linux Kernel CAN SLUB Overflow" by Jon Oberheide https://jon.oberheide.org/blog/2010/09/10/linux-kernel-can-slub-overflow/
2010: "af_can linux kernel overflow" by Ben Hawkes http://inertiawar.com/af_can/
2010: "linux compat vulns (part 1)" by Ben Hawkes http://inertiawar.com/compat1/
2010: "linux compat vulns (part 2)" by Ben Hawkes http://inertiawar.com/compat2/
2010: "CVE-2010-4258: Turning denial-of-service into privilege escalation" by Nelson Elhage https://blog.nelhage.com/2010/12/cve-2010-4258-from-dos-to-privesc/
2009: "Linux NULL pointer dereference due to incorrect proto_ops initializations (CVE-2009-2692)" http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html
2009: "Even when one byte matters" https://kernelbof.blogspot.de/2009/07/even-when-one-byte-matters.html
2009: "CVE-2008-0009/CVE-2008-0010: Linux kernel vmsplice(2) Privilege Escalation" https://xorl.wordpress.com/2009/08/10/cve-2008-0600cve-2008-0010-linux-kernel-vmsplice2-privilege-escalation/
2008: "vmsplice(): the making of a local root exploit" by Jonathan Corbet https://lwn.net/Articles/268783/
2004: "Linux kernel do_mremap VMA limit local privilege escalation vulnerability" http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt
RCE:
2016: "CVE Publication: CVE 2016-8633" by Eyal Itkin https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/
2011, DEF CON 19: "Owned Over Amateur Radio: Remote Kernel Exploitation in 2011" http://cs.dartmouth.edu/~sergey/cs258/2012/Dan-Rosenberg-lecture.pdf
2011, DEF CON 19: "Owned Over Amateur Radio: Remote Kernel Exploitation in 2011" https://www.youtube.com/watch?v=kBjD0HITQZA
2009: "When a "potential D.o.S." means a one-shot remote kernel exploit: the SCTP story" https://kernelbof.blogspot.de/2009/04/kernel-memory-corruptions-are-not-just.html
Protection bypass techniques:
2016: "Linux Kernel x86-64 bypass SMEP - KASLR - kptr_restric" http://blackbunny.io/linux-kernel-x86-64-bypass-smep-kaslr-kptr_restric/
2016, KIWICON: "Practical SMEP bypass techniques on Linux" by Vitaly Nikolenko https://cyseclabs.com/slides/smep_bypass.pdf
2016: "Micro architecture attacks on KASLR" by Anders Fogh https://cyber.wtf/2016/10/25/micro-architecture-attacks-on-kasrl/
2016: "Jump Over ASLR: Attacking Branch Predictors to Bypass ASLR" by Dmitry Evtyushkin, Dmitry Ponomarev and Nael Abu-Ghazaleh http://www.cs.ucr.edu/~nael/pubs/micro16.pdf
2016, CCS: "Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR" by Daniel Gruss, Clementine Maurice, Anders Fogh, Moritz Lipp and Stefan Mangard https://www.youtube.com/watch?v=TJTQbs3oJx8
2016, Black Hat USA: "Using Undocumented CPU Behavior to See Into Kernel Mode and Break KASLR in the Process" https://www.youtube.com/watch?v=T3kmq2NLpH4
2016, Black Hat USA: "Breaking KASLR with Intel TSX" by Yeongjin Jang, Sangho Lee and Taesoo Kim https://www.blackhat.com/docs/us-16/materials/us-16-Jang-Breaking-Kernel-Address-Space-Layout-Randomization-KASLR-With-Intel-TSX.pdf
2016, Black Hat USA: "Breaking KASLR with Intel TSX" by Yeongjin Jang, Sangho Lee and Taesoo Kim https://www.youtube.com/watch?v=rtuXG28g0CU
2016: "Breaking KASLR with micro architecture" by Anders Fogh https://dreamsofastone.blogspot.ru/2016/02/breaking-kasrl-with-micro-architecture.html
2015: "Effectively bypassing kptr_restrict on Android" by Gal Beniamini https://bits-please.blogspot.de/2015/08/effectively-bypassing-kptrrestrict-on.html
2014, Black Hat Europe: "ret2dir: Deconstructing Kernel Isolation" by Vasileios P. Kemerlis, Michalis Polychronakis, Angelos D. Keromytis https://www.blackhat.com/docs/eu-14/materials/eu-14-Kemerlis-Ret2dir-Deconstructing-Kernel-Isolation-wp.pdf
2014, Black Hat Europe: "ret2dir: Deconstructing Kernel Isolation" by Vasileios Kemerlis https://www.youtube.com/watch?v=kot-EQ9zf9k
2013: "A Linux Memory Trick" by Dan Rosenberg http://vulnfactory.org/blog/2013/02/06/a-linux-memory-trick/
2011: "SMEP: What is It, and How to Beat It on Linux" by Dan Rosenberg http://vulnfactory.org/blog/2011/06/05/smep-what-is-it-and-how-to-beat-it-on-linux/
2009: "Bypassing Linux' NULL pointer dereference exploit prevention (mmap_min_addr)" http://blog.cr0.org/2009/06/bypassing-linux-null-pointer.html
Defensive:
2017: "PT-Rand: Practical Mitigation of Data-only Attacks against Page Tables" https://www.internetsociety.org/sites/default/files/ndss2017_05B-4_Davi_paper.pdf
2017: "KASLR is Dead: Long Live KASLR" https://gruss.cc/files/kaiser.pdf
2017: "Honey, I shrunk the attack surface – Adventures in Android security hardening" by Nick Kralevich https://www.youtube.com/watch?v=ITL6VHOFQj8
2017: "Fine Grained Control-Flow Integrity for The Linux Kernel" by Sandro Rigo, Michalis Polychronakis, Vasileios Kemerlis https://www.blackhat.com/docs/asia-17/materials/asia-17-Moreira-Drop-The-Rop-Fine-Grained-Control-Flow-Integrity-For-The-Linux-Kernel.pdf
2016: "Emerging Defense in Android Kernel" by James Fang http://keenlab.tencent.com/en/2016/06/01/Emerging-Defense-in-Android-Kernel/
2016: "Randomizing the Linux kernel heap freelists" by Thomas Garnier https://medium.com/@mxatone/randomizing-the-linux-kernel-heap-freelists-b899bb99c767#.3csq8t23s
2015: "Protecting Commodity Operating Systems through Strong Kernel Isolation" by Vasileios Kemerlis http://www.cs.columbia.edu/~angelos/Papers/theses/vpk_thesis.pdf
2013: "KASLR: An Exercise in Cargo Cult Security" by Brad Spengler https://forums.grsecurity.net/viewtopic.php?f=7&t=3367
2012: "How do I mitigate against NULL pointer dereference vulnerabilities?" by RedHat https://access.redhat.com/articles/20484
2009, Phrack: "Linux Kernel Heap Tampering Detection" by Larry Highsmith http://phrack.org/archives/issues/66/15.txt
Fuzzing & detectors:
2016, Linux Plumbers: "Syzkaller, Future Developement" by Dmitry Vyukov https://docs.google.com/presentation/d/1iAuTvzt_xvDzS2misXwlYko_VDvpvCmDevMOq2rXIcA/edit#slide=id.p
2016: "Coverage-guided kernel fuzzing with syzkaller" https://lwn.net/Articles/677764/
2016: "Filesystem Fuzzing with American Fuzzy Lop" by Vegard Nossum and Quentin Casasnovas https://events.linuxfoundation.org/sites/events/files/slides/AFL%20filesystem%20fuzzing%2C%20Vault%202016_0.pdf
2016, ToorCon: "Project Triforce: AFL + QEMU + kernel = CVEs! (or) How to use AFL to fuzz arbitrary VMs" https://github.com/nccgroup/TriforceAFL/blob/master/slides/ToorCon16_TriforceAFL.pdf
2015, LinuxCon North America: "KernelAddressSanitizer (KASan): a fast memory error detector for the Linux kernel" by Andrey Konovalov http://events.linuxfoundation.org/sites/events/files/slides/LinuxCon%20North%20America%202015%20KernelAddressSanitizer.pdf
2015, DEF CON 23: "Introduction to USB and Fuzzing" by Matt DuHarte https://www.youtube.com/watch?v=KWOTXypBt4E
2015, Black Hat: "Don't Trust Your USB! How to Find Bugs in USB Device Drivers" by Sergej Schumilo, Ralf Spenneberg, and Hendrik Schwartke https://www.youtube.com/watch?v=OAbzN8k6Am4
Fuzzers:
https://github.com/kernelslacker/trinity
https://github.com/google/syzkaller
https://github.com/schumilo/vUSBf
http://web.eece.maine.edu/~vweaver/projects/perf_events/fuzzer/
https://github.com/nccgroup/TriforceLinuxSyscallFuzzer
https://github.com/oracle/kernel-fuzzing
https://github.com/rgbkrk/iknowthis
Exploits:
https://www.exploit-db.com/search/?action=search&description=linux+kernel
https://github.com/offensive-security/exploit-database/tree/master/platforms/linux/local
https://bugs.chromium.org/p/project-zero/issues/list?can=1&q=linux+kernel&colspec=ID+Type+Status+Priority+Milestone+Owner+Summary&cells=ids
http://vulnfactory.org/exploits/
https://www.kernel-exploits.com/
https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs
https://github.com/ScottyBauer/Android_Kernel_CVE_POCs
https://github.com/f47h3r/hackingteam_exploits
https://github.com/xairy/kernel-exploits
https://github.com/Kabot/Unix-Privilege-Escalation-Exploits-Pack
https://github.com/SecWiki/linux-kernel-exploits
https://patch-diff.githubusercontent.com/TomWo/linux-kernel-exploitation#practice
https://patch-diff.githubusercontent.com/TomWo/linux-kernel-exploitation#ctf-tasks
writeup https://jon.oberheide.org/blog/2010/11/02/csaw-ctf-kernel-exploitation-challenge/
source https://jon.oberheide.org/files/csaw.c
writeup https://jon.oberheide.org/blog/2011/11/27/csaw-ctf-2011-kernel-exploitation-challenge/
source https://jon.oberheide.org/files/SqueamishOssifrage.c
writeup https://poppopret.org/2013/11/20/csaw-ctf-2013-kernel-exploitation-challenge/
source and exploit https://github.com/mncoppola/Brad-Oberberg
source and exploit https://github.com/mncoppola/suckerusu
writeup 1 https://poppopret.org/2015/11/16/csaw-ctf-2015-kernel-exploitation-challenge/
writeup 2 http://itszn.com/blog/?p=21
source and exploit https://github.com/mncoppola/StringIPC
writeup https://blog.scrt.ch/2015/03/24/insomnihack-finals-sh1tty-writeup/
source and exploit https://github.com/Insomnihack/Insomnihack-2015/tree/master/exploit/sh1tty
writeup http://mslc.ctf.su/wp/rwth2011-ctf-ps3game/
writeup http://blog.frizn.fr/plaidctf-2013/pwn-400-servr
source http://blog.frizn.fr/fil3z/pctf-2013/servr.tar.bz2
writeup http://dragonsector.pl/docs/0ctf2016_writeups.pdf
exploit https://gist.github.com/anonymous/83f96600c5ae851940d6
source and exploit https://github.com/lovelydream/0ctf2017_kernel_pwn
https://patch-diff.githubusercontent.com/TomWo/linux-kernel-exploitation#misc
https://github.com/Fuzion24/AndroidKernelExploitationPlayground
https://github.com/ReverseLab/kernel-pwn-challenge
https://github.com/NoviceLive/research-rootkit
https://github.com/djrbliss/libplayground
pwnable.kr tasks http://pwnable.kr/play.php
RPISEC kernel labs https://github.com/RPISEC/MBE/tree/master/src/lab10
https://patch-diff.githubusercontent.com/TomWo/linux-kernel-exploitation#tools
https://github.com/jonoberheide/ksymhunter
https://github.com/jonoberheide/kstructhunter
https://github.com/ngalongc/AutoLocalPrivilegeEscalation
https://github.com/PenturaLabs/Linux_Exploit_Suggester
https://github.com/jondonas/linux-exploit-suggester-2
https://github.com/mzet-/linux-exploit-suggester
https://patch-diff.githubusercontent.com/TomWo/linux-kernel-exploitation#unsorted
https://github.com/mncoppola/Linux-Kernel-CTF
https://crowell.github.io/blog/2014/11/24/hosting-a-local-kernel-ctf-challenge/
https://github.com/ukanth/afwall/wiki/Kernel-security