Gate hack may occur #1

@USN484259

Set edx to one of the kernel service tags and call the gate. In the call gate procedure, edx out of bound would trigger int3 and go to the kernel via the TSS gate. The kernel would check the IF bit (cleared by the call gate) and jmp to the service identified by the fake tag. It seems to be just a "strange" way to call 'create' or 'kill' currently, but would make the kernel access false arguments and cause a violation in the future when more kernel services are added.
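The dispatch path described in this issue, modelled in user-space C as an added example (not code from the project or from the issue author). Every tag value, the bounds limit and all function names are hypothetical, and the hardened variant shows one possible mitigation that the issue itself does not propose.

```c
#include <stdint.h>

/* All constants are hypothetical; the real tag values are not on the page. */
#define EFLAGS_IF     0x200u        /* x86 interrupt-enable flag (bit 9) */
#define USER_SVC_MAX  4u            /* user tags 0..3 accepted by the gate */
#define KTAG_CREATE   0x80000001u   /* kernel-only service tags */
#define KTAG_KILL     0x80000002u
#define TAG_BAD_CALL  0xFFFFFFFFu   /* not a service tag: "reject caller" */

enum result { R_USER_SVC, R_KERNEL_CREATE, R_KERNEL_KILL, R_REJECTED, R_DEBUG_TRAP };

struct regs { uint32_t edx; uint32_t eflags; };

/* Kernel int3 entry: a cleared IF bit is taken as proof that the trap came
 * from privileged code, and edx is then trusted as a kernel service tag. */
static enum result kernel_int3(const struct regs *r)
{
    if (r->eflags & EFLAGS_IF)
        return R_DEBUG_TRAP;            /* ordinary breakpoint */
    switch (r->edx) {
    case KTAG_CREATE: return R_KERNEL_CREATE;
    case KTAG_KILL:   return R_KERNEL_KILL;
    default:          return R_REJECTED;
    }
}

/* Call gate procedure as described: runs with IF cleared and raises int3
 * on an out-of-bound tag while edx still holds the caller's value. */
static enum result gate_vulnerable(uint32_t user_edx)
{
    struct regs r = { user_edx, 0 /* IF cleared by the call gate */ };
    if (r.edx < USER_SVC_MAX)
        return R_USER_SVC;
    return kernel_int3(&r);             /* caller-chosen tag reaches the kernel */
}

/* Hardened variant (assumption): replace the caller's value before trapping,
 * so the kernel never sees a user-controlled tag on this path. */
static enum result gate_hardened(uint32_t user_edx)
{
    struct regs r = { user_edx, 0 };
    if (r.edx < USER_SVC_MAX)
        return R_USER_SVC;
    r.edx = TAG_BAD_CALL;
    return kernel_int3(&r);
}
```

The model shows why the IF bit alone does not identify the caller: the gate procedure itself runs with IF cleared, so the trap it raises on behalf of user code looks the same to the kernel as a trusted one.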

Labels: bug
