「The Android kernel mitigations obstacle race | The GitHub Blog」

In this post I’ll exploit CVE-2022-22057, a use-after-free in the Qualcomm gpu kernel driver, to gain root and disable SELinux from the untrusted app sandbox on a Samsung Z flip 3. I’ll look at various mitigations that are implemented on modern Android devices and how they affect the exploit.

In this post I’ll exploit CVE-2022-22057, a use-after-free in the Qualcomm gpu kernel driver, to gain root and disable SELinux from the untrusted app sandbox on a Samsung Z flip 3. I’ll look at various mitigations that are implemented on modern Android devices and how they affect the exploit.

github.blog

Webページ

コンテンツ文字数:0 文字

見出し数(H2/H3タグ):0 個

閲覧数:100 件

2022-06-18 11:11:01

オリジナルページを開く

B!

タグ一覧
The
Android
kernel
mitigations
obstacle
race
GitHub
BlogIn
this
post
I’ll
exploit
CVE-
2022
22057
use-after-free
in
the
Qualcomm
gpu
driver
to
gain
root
and
disable
SELinux
from
untrusted
app
sandbox
on
Samsung
flip
look
at
various
that
are
implemented
modern
devices
how
they
affect
raceWhy
GPU
drivers
vulnerability
Mitigations
Exploiting
bug
ultimate
fake
object
store
Escaping
an
infinite
loop
Hijacking
freelist
Device
Memory
Mirroring
Attack
Bypassing
Running
arbitrary
commands
using
ret
kworker
TM
Conclusions
Disclosure
practices
patching
time
patch
gapping
More
Security
Lab
Related
posts
Explore
more
Subscribe
Insider
Product
Platform
Support
Company