Polluting sys_execve() in kernel space without depending on the sys_call_table[]: A paper discussing design weaknesses in the linux kernel’s handling of simply linked lists used to register binary formats. Spanish Version.
You can download it from the following link: https://packetstormsecurity.com/files/download/50782/binfmt-es.pdf
Source: https://packetstormsecurity.com/files/50782/binfmt-es.pdf.html