Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools,
Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring.
This causes a « major blind spot in Linux runtime security tools, » ARMO said.
« This mechanism allows a user application to perform various actions without using system calls, » the company said in
This causes a « major blind spot in Linux runtime security tools, » ARMO said.
« This mechanism allows a user application to perform various actions without using system calls, » the company said in
,
Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring.
This causes a « major blind spot in Linux runtime security tools, » ARMO said.
« This mechanism allows a user application to perform various actions without using system calls, » the company said in
This causes a « major blind spot in Linux runtime security tools, » ARMO said.
« This mechanism allows a user application to perform various actions without using system calls, » the company said in
, ,
https://thehackernews.com/2025/04/linux-iouring-poc-rootkit-bypasses.html