EIP-2026-103350

PRE-CVE

Linux Kernel (x86) - Memory Sinkhole Privilege Escalation

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103350. PoCs published by Christopher Domas.

AI-analyzed exploit summary This exploit leverages a memory sinkhole attack to hijack ring -2 execution via the APIC overlay attack, targeting the SMM handler to redirect execution to a controlled payload. It manipulates the GDT and APIC remapping to achieve privilege escalation in a low-level system context.

Description

Linux Kernel (x86) - Memory Sinkhole Privilege Escalation

Exploits (1)

exploitdb WORKING POC
by Christopher Domas · assemblylocallinux_x86
https://www.exploit-db.com/exploits/37724

This exploit leverages a memory sinkhole attack to hijack ring -2 execution via the APIC overlay attack, targeting the SMM handler to redirect execution to a controlled payload. It manipulates the GDT and APIC remapping to achieve privilege escalation in a low-level system context.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Complex
Reliability
Theoretical
Target: x86-based systems with vulnerable SMM implementation
No auth needed
Prerequisites: Ring 0 access · APIC enabled · Target system with vulnerable SMM handler
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026