Black Hat | Bad io_uring: A New Era of Rooting for Android @BlackHatOfficialYT | Uploaded 8 months ago | Updated 4 hours ago
io_uring is a high-performance asynchronous I/O framework that was introduced in version 5.1 of the Linux kernel. Since its introduction, more than 100 vulnerabilities have been discovered in this subsystem. While there is extensive public exploitation against io_uring bugs in desktop Linux, no public research has targeted it in the Android kernel due to its strict restrictions on memory layout manipulation.
During this talk, we will detail our approach to achieving privilege escalation on Google Pixel 6 and Samsung S22 via CVE-2022-20409, a UAF io_uring bug...
By: Zhaofeng Chen , Kang Li , Zhenpeng Lin , Xinyu Xing
Full Abstract and Presentation Materials: blackhat.com/us-23/briefings/schedule/#bad-io_uring-a-new-era-of-rooting-for-android-32243
io_uring is a high-performance asynchronous I/O framework that was introduced in version 5.1 of the Linux kernel. Since its introduction, more than 100 vulnerabilities have been discovered in this subsystem. While there is extensive public exploitation against io_uring bugs in desktop Linux, no public research has targeted it in the Android kernel due to its strict restrictions on memory layout manipulation.
During this talk, we will detail our approach to achieving privilege escalation on Google Pixel 6 and Samsung S22 via CVE-2022-20409, a UAF io_uring bug...
By: Zhaofeng Chen , Kang Li , Zhenpeng Lin , Xinyu Xing
Full Abstract and Presentation Materials: blackhat.com/us-23/briefings/schedule/#bad-io_uring-a-new-era-of-rooting-for-android-32243
