Information in this chapter
A Look at the Architecture Level
The Execution Step
The Triggering Step
The Information-Gathering Step
In Chapter 2 we said a bug becomes a security issue as soon as someone figures out how to take advantage of it. That's what we'll focus on in this chapter: how to develop a successful exploit. Demonstrating that a vulnerability exists (e.g., via proof-of-concept code) is only a first step in kernel exploitation. The exploit has to work. A piece of code that gives you full privileges and then immediately panics the machine is clearly of no use.
To develop a good exploit, you must understand the vulnerability you are targeting, the ...