Techniques [POC 2024] GPUAF : Two ways of rooting All Qualcomm based Android phones

[weaver]

Description

In July this year, Qualcomm patched a bug which was also discovered by us. By leveraging this specific vulnerability, we were able to root all affected Qualcomm-based Android phones.

In this presentation, we will first analyze the root cause of the bug and demonstrate how we turned it into a GPU Page Use-After-Free (GPUAF). We will then show how to exploit this bug through two distinct paths on different Samsung devices, bypassing all mitigations such as KNOX, physical address ASLR, and DEFEX. Next, we will share our experience on porting the exploit to other Qualcomm-based phones, detailing the challenges we faced during this process.

Finally, we will summarize the implications of this vulnerability for device security and provide recommendations for mitigating such risks in the future.

слайды: https://powerofcommunity.net/poc202...rooting All Qualcomm based Android phones.pdf

/threads/121996/