Posts

on Bynar.io · A comparative case study of how local, open-weight models stack up against frontier models at discovering and validating Linux kernel vulnerabilities, using two real CVEs as test cases.

on Bynar.io · A look at CVE-2026-31694, a page cache overflow in the Linux kernel's FUSE subsystem that lets an unprivileged attacker escalate privileges by corrupting cached SUID binaries via oversized directory entries.

on Bynar.io · An LLM-driven pipeline autonomously discovered and validated a use-after-free in Linux kernel CAN raw sockets — a non-trivial race involving RCU synchronisation and per-CPU memory management.

This post explores attacking page tables as a Linux kernel exploitation technique for gaining powerful read/write primitives.

In this part we'll use our case study to explore how the Linux kernel maps private anonymous memory.

In this series we'll explore the Linux kernel's memory management subsystem, using a simple userspace program as our starting point.

In this post I discuss a vulnerability which allows a local, or remote attacker, to trigger a use-after-free in the TIPC networking stack on affected installations of the Linux kernel.

Let's explore the modern kernel heap exploitation meta and how the new RANDOM_KMALLOC_CACHES tries to address it.

Tag along as I talk about a half finished project, looking at analysing Linux kernel commits for interesting security fixes.

This time we're going to build on that and introduce another memory allocator found within the Linux kernel, the slab allocator, and it's various flavours. So buckle up as we dive into the exciting world of SLABs, SLUBs and SLOBs.