AFL COW Dirty Cred Double Fetch FSOP Filesystem Full RELRO HeapFengShui HijackPrctl Integer Overflow LKM Race condition Rtnetlink SROP UAF USMA _IO_FILE __libc_start_main aur bpf buddy system bypass kpti bypass semp chunk overlapping deb dl-runtime-resolve docker escape ebpf fastbin fastbin attack fini fuse fuzzing genmask heap spray hook house of banana house of botcake house of force house of lora house of orange house of pig house of storm house of 系列 io_uring kernel ROP kernel UAF large bin attack largebin attack llvm pass mmio modify_ldt modprobe_path msg_msg musl namespace机制 netfilter netlink nft_rule_expr_deactivate nft_set_pipapo_type nftables off bu null off by null overstep page fault pipe pipe_buffer pmio protobuf pt_regs pwn qemu escape ret2dl-runtime-resolve ret2usr rop stack overflow sandbox seq_operations setxattr shellcode shellcode编写 sk_buff slab源码分析 syzkaller syzlang tcache double free tcache stashing unlink attack tty_struct user_key_payload userfaultfd vga vtable watch queue 侧信道攻击 修改cred，劫持vdso 内存管理 劫持TLS结构 堆利用 堆利用技巧 堆喷射 零拷贝