https://netacoding.com/categories/kernel-exploitation/ Recent content in Kernel Exploitation on Netacoding | Cybersecurity, Assembly & Network Research Hugo en-us Wed, 29 Apr 2026 00:00:00 +0000 https://netacoding.com/posts/fuse-boundary-mathematics-pgoff-overflow/ Wed, 29 Apr 2026 00:00:00 +0000 https://netacoding.com/posts/fuse-boundary-mathematics-pgoff-overflow/ How a FUSE daemon's poisoned attr.size feeds integer overflows into pgoff_t arithmetic across mm/filemap.c, mm/mmap.c, and the Maple Tree VMA walker — yielding XArray OOB walks, infinite kworker loops, and cross-VMA write primitives. https://netacoding.com/posts/fuse-trust-boundary-and-size-desync/ Wed, 29 Apr 2026 00:00:00 +0000 https://netacoding.com/posts/fuse-trust-boundary-and-size-desync/ Deep technical dissection of the FUSE userspace-kernel trust inversion and how a malicious daemon weaponizes attr.size lies into kernel heap overflows via kernel_read_file() and virtio-fs. https://netacoding.com/posts/fuse-async-abort-race-double-put/ Wed, 29 Apr 2026 00:00:00 +0000 https://netacoding.com/posts/fuse-async-abort-race-double-put/ The crown jewel of FUSE exploitation: a three-actor race between a stalled fuse_req, /proc/sys/vm/drop_caches inode eviction, and delayed fuse_abort_conn teardown — yielding DirtyCred-class double-puts and UAF reads on freed slab memory.