Share
## https://sploitus.com/exploit?id=11A3B124-C5DE-594F-A086-A20ED4E60873
# π§ Kernel Exploit Intelligence (KEI)

> **AI-Driven Linux Kernel Vulnerability Research, Privilege Escalation (LPE), and Remediation.**
Kernel Exploit Intelligence is a research laboratory dedicated to the discovery and systematic patching of critical vulnerabilities in the Linux kernel. By leveraging autonomous AI agents and advanced fuzzing telemetry (Syzkaller), we identify exploitable bug classes before they are weaponized.
---
## π¬ Methodology
Our research follows a three-pillar approach:
1. **Autonomous Discovery**: Using custom AI agents to scan NVD, Syzkaller, and LKML for "hidden" bug patterns that haven't received official patches.
2. **Exploit Feasibility**: Developing Proof-of-Concept (PoC) code to determine if a bug can be leveraged for Local Privilege Escalation (LPE) or Remote Code Execution (RCE).
3. **Proactive Remediation**: Writing high-quality, production-ready patches and submitting them to the upstream Linux kernel maintainers.
---
## π Repository Structure
- [π€ `agents/`](./agents/): Autonomous Python agents for vulnerability scanning and patch drafting.
- [π‘οΈ `research/`](./research/): Deep-dive analysis of specific bug classes (e.g., DirtyFrag).
- [π©Ή `patches/`](./patches/): A collection of verified kernel patches ready for deployment.
---
## π Active Projects
### [DirtyFrag Variant Analysis](./research/dirtyfrag-variant-1/)
Analysis of the `splice()`-based page cache write vulnerability class. Includes formatted patches for:
- **CVE-2026-43284** (XFRM/ESP)
- **CVE-2026-43500** (RxRPC)
---
## π Exploit Laboratory (LPE Focus)
We specialize in **Local Privilege Escalation (LPE)**. Our research focuses on bypassing modern kernel mitigations (KASLR, SMEP, SMAP, KPTI) by exploiting:
- **UAF (Use-After-Free)** in networking stacks.
- **Race Conditions** in file system implementations.
- **Logic Errors** in memory management (e.g., DirtyFrag).
Every research entry includes a functional PoC to demonstrate the security impact.
## π οΈ Tools
### [π€ Kernel Patch Agent v2](./agents/agent_v2.py)
Our primary engine for converting Syzkaller crash reports into actionable research data. It automatically:
- Scrapes open bugs from `syzkaller.appspot.com`.
- Extracts involved functions and source files.
- Generates analysis templates and patch drafts.
### [π§ KEI Auditor (Enhanced Linpeas Edition)](./agents/linpeas.sh)
A customized version of the famous `linpeas.sh`, optimized for **Kernel Exploit Intelligence**.
- **Aggressive Detection**: Specifically tuned to detect DirtyFrag variants (CVE-2026-43284, CVE-2026-43500) by checking loaded modules and kernel state.
- **LPE Intelligence**: Enhanced logic to suggest exploit paths based on active mitigations (KASLR/SMEP/SMAP).
- **Usage**:
```bash
chmod +x agents/linpeas.sh
./agents/linpeas.sh
```
---
## β οΈ Disclaimer
The materials in this repository are for educational and security research purposes only. The authors are not responsible for any misuse of the information or code provided. Always disclose vulnerabilities responsibly.
---
*βSecuring the core of the internet, one patch at a time.β*