-
Recent Posts
Recent Comments
Archives
Categories
Meta
Monthly Archives: June 2011
A Fun *BSD Bug
I recently reported and disclosed (at Summercon) a vulnerability in the 802.11 stack of the FreeBSD and NetBSD kernels that had some interesting properties.
Posted in Kernel
Comments disabled
SMEP: What is It, and How to Beat It on Linux
On May 16, 2011, Fenghua Yu submitted a series of patches to the upstream Linux kernel implementing support for a new Intel CPU feature: Supervisor Mode Execution Protection (SMEP). This feature is enabled by toggling a bit in the cr4 register, and the result is the CPU will generate a fault whenever ring0 attempts to execute code from a page marked with the user bit.
Posted in Exploitation, Kernel, Linux
Comments disabled