Android Universal Root: Exploiting Mobile GPU / Command Queue Drivers
Rooting modern Android devices using kernel bugs from an unprivileged process, without any hardcoded offsets/addresses and with almost a 100% success rate, is exceptionally rare. After reporting the in-the-wild CVE-2020-0069 in Mediatek's Command Queue device driver, we conducted a security review of ImgTec's PowerVR GPU device driver, during which we discovered and reported several such rare vulnerabilities (e.g. GPU CVE-2021-39815). In total, we discovered 35+ exploitable bugs. This talk will primarily focus on GPU hacking....
By: Jon Bottarini, Xingyu Jin, Richard Neal
Full Abstract & Presentation Materials: https://www.blackhat.com/us-22/briefings/schedule/#android-universal-root-exploiting-mobile-gpu--command-queue-drivers-27239
Video "Android Universal Root: Exploiting Mobile GPU / Command Queue Drivers" from the Black Hat channel