After seeing a full QSEE vulnerability and exploit in the previous blog post, I thought it might be nice to see some QSEE shellcode in action. In this blog post we'll see how we can make use of this direct memory access in the "Secure World" in order to hijack the Linux kernel running in the "Normal World" without even requiring a kernel vulnerability. Since QSEE has read-write access to all of the "Normal World"'s memory, it should theoretically be able to inject code into the running Linux kernel in physical memory.
Source: http://bits-please.blogspot.com/2016/05/war-of-worlds-hijacking-linux-kernel.html