That's why I asked about KARL.
Looking at it now I suppose it doesn't make any difference.
I am a kernel layman, so I could be totally wrong.
I think KARL still makes a difference. Because, if I understand correctly, the basic "protection" principle was to hide the kernel somewhere in the big virtual address space.
If by some trick you manage to find out this address space, you might able to read-scan that memory range for interesting things like passwords, buffers etc., without causing a privilege exception.
As most people use generic kernels, the location of all that stuff is well-known if you manage to find a single fixed kernel address.
I guess this approach could be more difficult, when like with KARL the kernel modules are sprayed over the virtual address space. If you manage to find where one module is, this is probably of far less value, when you would possibly have to run multiple attacks on different functions/modules to get substantial information.
But as said I might be wholly wrong.
Edit: yes, I confused some things... a combination of KASLR and KARL would be desirable.