"The attack attack exploits an oft-forgotten function in Linux
versions 2.4 and above in order to quietly insert a rootkit into
the operating system kernel as a way to hide malware processes,
hijack system calls, and open remote backdoors into the machine,
for instance. At Black Hat Europe this week in Amsterdam, Anthony
Lineberry, senior software engineer for Flexilis, will demonstrate
how to hack the Linux kernel by exploiting the driver interface to
physically addressable memory in Linux, called /dev/mem."