SKILL: Linux Kernel Exploitation — Expert Attack Playbook

AI LOAD INSTRUCTION: Expert kernel exploitation techniques. Covers environment setup (QEMU), vulnerability classes, privilege escalation targets, kernel ROP, ret2usr, stack pivoting, and cross-cache attacks. Distilled from ctf-wiki kernel-mode sections and real-world kernel CVEs. Base models often confuse user-mode and kernel-mode exploitation constraints, especially regarding SMEP/SMAP/KPTI.

0. RELATED ROUTING

• binary-protection-bypass — userspace protections (NX, ASLR) also apply in kernel context
• stack-overflow-and-rop — kernel ROP reuses many userspace ROP concepts
• heap-exploitation — kernel SLUB is conceptually related to userspace heap
• linux-privilege-escalation — non-exploit kernel privesc techniques

Advanced References

• KERNEL_MITIGATION_BYPASS.md — KASLR, SMEP, SMAP, KPTI, FG-KASLR, CFI bypass techniques
• KERNEL_HEAP_TECHNIQUES.md — SLUB internals, cross-cache attacks, msg_msg/pipe_buffer/sk_buff exploitation

1. EXPLOITATION MODEL