This document aims to demonstrate a design weakness found in the handling of simply linked lists used to register binary formats handled by the Linux kernel. It affects all the kernel families (2.0/2.2/2.4/2.6), allowing the insertion of infection modules in kernel space that can be used by malicious users to create infection tools, for example rootkits. Proof of concept, details, and proposed solution (in PDF form)
http://www.shellcode.com.ar/docz/binfmt-en.pdf
http://www.shellcode.com.ar/docz/binfmt-en.pdf