Linux Kernel Exploitation series
Awesome series of articles by @ri5255 that outlines many commonly-used modern exploitation techniques.
r1ru.github.io/categories/lin…
Linux Kernel Security
Links related to Linux kernel security and exploitation.
Maintained by @andreyknvl and @a13xp0p0v.
Also on t.me/linkersec and infosec.exchange/@linkersec.
Joined September 2021
- Linux kernel exploit development tutorial ChrisTheCoolHut published this tutorial as GitBook:
- Papers on Linux kernel security presented at Usenix back in August:
- Writing a Linux Kernel Remote [Exploit] in 2022 An article by Samuel Page @sam4k1 about writing an exploit for a remotely-triggerable stack-buffer-overflow in TIPC. blog.immunityinc.com/p/writing-a-li… [1/2]
- Achieving Linux Kernel Code Execution Through a Malicious USB Device; by Martijn Bogaard @jmartijnb and Dana Geist @geistdana Slides: i.blackhat.com/EU-21/Thursday…
- KernelSnitch: Side-Channel Attacks on Kernel Data Structures Paper by Lukas Maar et al. about using a timing side-channel for leaking addresses of exploitation-relevant kernel structures. lukasmaar.github.io/papers/ndss25-…
- CVE-2022-0435: Linux Kernel Remote Stack Overflow @sam4k1 disclosed a remotely and locally reachable stack overflow in Transparent Inter-Process Communication (TIPC). openwall.com/lists/oss-secu… [1/3]
- Rustproofing Linux Four-part article describing the vulnerability classes that may exist in Linux kernel modules written in the Rust language. [1/2]
  - Part 1 is about leaking kernel addresses: research.nccgroup.com/2023/02/06/rus…
  - Part 2 describes race conditions: research.nccgroup.com/2023/02/08/rus…
- Linux Kernel: Exploiting a Netfilter Use-after-Free in kmalloc-cg Sergi Martinez @zlowram_ published an article about exploiting CVE-2022-32250, a slab use-after-free in the netfilter subsystem. blog.exodusintel.com/2022/12/19/lin…
- Linux kernel heap feng shui in 2022 An article by @poppop7331 and @vnik5287 describing the kernel changes that affected exploitation techniques for slab-related vulnerabilities over the last few years. duasynt.com/blog/linux-ker…
- Finding Bugs in Kernel series A series of introductory articles by @slava_moskvin_ about using KASAN and syzkaller for finding kernel vulnerabilities.
  - 1: slavamoskvin.com/hunting-bugs-i…
  - 2: slavamoskvin.com/finding-bugs-i…
  - 3: slavamoskvin.com/finding-bugs-i…
- The Dirty Pipe Vulnerability An article by Max Kellermann about Dirty Pipe — a logical bug in the memory subsystem. The provided proof-of-concept only works starting from Linux kernel version 5.8 released in August 2020. dirtypipe.cm4all.com
- CVE-2022-0185: Exploiting a kernel heap buffer overflow for LPE @clubby789 published a detailed write-up about discovering and exploiting CVE-2022-0185 in the FS subsystem of the Linux kernel.
- [CVE-2025-37752] Two Bytes Of Madness: Pwning The Linux Kernel With A 0x0000 Written 262636 Bytes Out-Of-Bounds Great article by D3vil about exploiting a type confusion in the network scheduler subsystem and pwning all kernelCTF instances. syst3mfailure.io/two-bytes-of-m…







