[IAmLiterallyAB]

What's preventing a compromised kernel on one core from hijacking the other cores? This doesn't seem like much of a security boundary

[viraptor]

Nothing prevents it if you achieve code execution. But where it helps is scenarios like syscall / memory mapping exploits where a user process can only affect resources attached to their current kernel. For example https://dirtycow.ninja/ would have a limited scope.