Due to the lovely fact, if I recall corectly, that there's two TLB[1], one for instructions and one for data. So you can subvert one or another in order to execute a hidden payload.
If you read the data you think you'll execute, you will be fooled. [2] This is a pretty nice trick.