Kernel Driver mmap Handler Exploitation

By Mateusz Fruba on 19 September, 2017

This paper aims to guide its reader towards building a working exploit for Linux kernel driver memory mapping issues. This research was largely motivated by the lack of public step-by-step documentation on how to identify this type of vulnerability and how it may be exploited.

Introduction

Memory mapping issues within Linux kernel drivers were discovered years ago. Since the discovery of this issue category, a number of vulnerable device drivers have been developed for various platforms such as mobile devices, TVs, routers, servers and many other embedded devices.

The primary reason for this is most likely the lack of public guidelines about secure kernel development practices. Each developer has to learn by themselves. Often they only learn of the pitfalls when a public exploit is created for their driver and the security team is expected to resolve it. This document aims to provide guidance in this area.