The article discusses the exploitation of CVE-2025-37947 in ksmbd, focusing on the challenges and methodologies used to achieve local privilege escalation. It details the vulnerability's root cause, the proof-of-concept implementation, and the kernel memory-allocation intricacies that enable the exploit. The author emphasizes the importance of understanding memory management for effective exploitation.
RingReaper is a stealthy post-exploitation agent for Linux that uses the io_uring asynchronous I/O interface to minimize detection by EDR solutions. By replacing traditional system calls with io_uring operations, RingReaper reduces the risk of triggering security alerts, although some traditional calls remain necessary. The tool is intended for educational purposes and demonstrates advanced evasion techniques against security monitoring.