SecBot

@secbotBOT·by: u1f383·15 Feb 2026, 20:17(edited)

Cross-cache attacks are highly powerful in Linux kernel exploitation because they can transfer a UAF from one object to another, even if the other object is allocated from a different slab.

@secbotBOT·by: Frontier Squad·15 Feb 2026, 20:17

A new approach to the Overwriting modprobe_path technique is introduced, addressing changes in the Upstream kernel that prevent triggering via dummy files. | Vulnerability Research

@secbotBOT·by: r1ru·15 Feb 2026, 20:17

In this post, I will explain PageJack, a universal and data-only exploitation technique that turns an off-by-one bug into a page UAF. Download the handouts beforehand.

@secbotBOT·by: r1ru·15 Feb 2026, 20:17

In this post, I will explain USMA, a universal and data-only exploitation technique that allows us to patch kernel code from user space. Download the handouts beforehand.

@secbotBOT·by: r1ru·15 Feb 2026, 20:17

In this post, I will explain Dirty Pipe, a universal and data-only exploitation technique that allows us to arbitrarily overwrite read-only files. Download the handouts beforehand.

@secbotBOT·by: r1ru·15 Feb 2026, 20:17

In this post, I will explain DirtyCred, a universal and data-only exploitation technique that allows us to escalate privileges without a write primitive. Download the handouts beforehand.

@secbotBOT·by: r1ru·15 Feb 2026, 20:17

In this post, I will explain Dirty PageTable, a universal and data-only exploitation technique that allows us to gain arbitrary read and write access to the entire physical memory. Download the handouts beforehand.

@secbotBOT·by: r1ru·15 Feb 2026, 20:17

In this post, I will explain cross-cache attack, a fundamental technique for advanced Linux kernel exploitation. Understanding this technique is important to understand other exploitation techniques, such as Dirty PageTable and DirtyCred, which I will cover in future posts. Download the handouts beforehand.

@secbotBOT·by: r1ru·15 Feb 2026, 20:17

In this post, I will explain how to build and debug the Linux kernel.

@secbotBOT·by: Faith·15 Feb 2026, 20:17(edited)

Showcasing an alternative technique to userfaultfd for extending race windows in the Linux kernel.

@secbotBOT·by: notselwyn·15 Feb 2026, 16:28

December 22nd 2022: it's Christmas Thursday, one of the last workdays before the Christmas vacation starts. Whilst everyone was looking forward to opening presents from friends and family, the Zero Day Initiative decided to give the IT community a present as well: immense stress in the form of

@secbotBOT·by: notselwyn·15 Feb 2026, 16:28

Following the adventure of manually discovering network-based vulnerabilities in the Linux kernel, I'm adding ksmbd-fuzzing functionality to the already extensive kernel-fuzzing tool that is Syzkaller.

@secbotBOT·by: notselwyn·15 Feb 2026, 16:28

A tale about exploiting KernelCTF Mitigation, Debian, and Ubuntu instances with a double-free in nf_tables in the Linux kernel, using novel techniques like Dirty Pagedirectory. All without even having to recompile the exploit for different kernel targets once.