Explore kernel isolation vulnerabilities and a new exploitation technique called return-to-direct-mapped memory (ret2dir) in this Black Hat conference talk. Delve into the weaknesses of existing kernel protection mechanisms like SMEP, SMAP, and PXN. Learn how ret2dir bypasses these safeguards by leveraging implicit data sharing in OS design. Examine techniques for constructing ret2dir exploits against various Linux targets and architectures. Understand the implications for kernel security and discover potential mitigation strategies, including an exclusive page frame ownership scheme for the Linux kernel. Gain insights into kernel space layout, physical memory management, and the intricacies of kernel exploitation through detailed explanations and demonstrations.