Outer Web | Explore

Explore >> Select a destination

You are here		www.willsroot.io Will's Root: Reviving Exploits Against Cred Structs - Six Byte Cross Cache Overflow to Leakless Data-Oriented Kernel Pwnage
\|	\|	mdanilor.github.io Hello, kernel: Exploiting an intentionally vulnerable Linux driver	2.9 parsecs away Travel
\|	\|	A beginers guide into a Linux Kernel stack overflow vulnerability.	2.9 parsecs away Travel
\|	\|	syst3mfailure.io [CVE-2025-38001] Exploiting All Google kernelCTF Instances And Debian 12 With A 0-Day For $82k: An RBTree Family Drama (Part One: LTS & COS)	2.7 parsecs away Travel
\|	\|	CVE-2025-38001 is a Use-After-Free vulnerability in the Linux network packet scheduler, specifically in the HFSC queuing discipline. When the HFSC qdisc is utilized with NETEM and NETEM packet duplication is enabled, using HFSC_RSC it is possible to cause a double class insertion in the HFSC eligible tree. Under normal conditions, this would lead to an infinite loop in hfsc_dequeue() due to an RBTree cycle. However, by adding TBF as root qdisc, it is possible to prevent packets from being dequeued, bypass the infinite loop, free the class, and trigger a Use-After-Free.	2.7 parsecs away Travel
\|	\|	googleprojectzero.blogspot.com Project Zero: Exploiting the Linux kernel via packet sockets	2.7 parsecs away Travel
\|	\|	Guest blog post, posted by Andrey Konovalov Introduction Lately I've been spending some time fuzzing network-related Linux kernel int...	2.7 parsecs away Travel
\|	\|	blog.osandov.com Calling Linux Kernel Functions From Userspace (!)	20.4 parsecs away Travel
\|		I just landed a really exciting feature for drgn: the ability to call arbitrary functions and write to memory in the Linux kernel. I think the technical details of the implementation are very interesting, and it's probably the funniest thing I've ever done, so I wanted to write about how it works.	20.4 parsecs away Travel