Attacking hardened Linux systems with kernel JIT spraying
Posted Nov 19, 2012 13:03 UTC (Mon) by vonbrand
Parent article: Attacking hardened Linux systems with kernel JIT spraying
I believe the trick (mentioned in passing) allowing to have thousands of sockets (with associated BPF filters et al) "in flight" is a more serious issue than some trick allowing to write known executable code into the kernel space that has to be triggered somehow. The former is available everywhere, the later only with a very uncommon configuration and requires a kernel exploit to use anyway.
to post comments)