First, standard page fault mechanisms would still be in place, that's a processor/architecture feature, so out of bounds memory access would be detected just as in a normal operating system. Of course, a normal operating system does not detect many/most buffer overflows.
In general, you could have a unikernel where it's impossible to get executable buffer overflow because there are no memory pages that are both writable and executable - as the article describes, that'd need some help from the hypervisor for the initialization.
Return oriented programming exploits could work anyway, though.
In general, you could have a unikernel where it's impossible to get executable buffer overflow because there are no memory pages that are both writable and executable - as the article describes, that'd need some help from the hypervisor for the initialization.
Return oriented programming exploits could work anyway, though.