Complex Android Exploit
Posted on 2022-06-17: https://twitter.com/mmolgtm/status/1537479188382470144
From @mmolgtm:
This is probably the most complex exploit I’ve done so far. A UAF in Android kernel freed by kfree_rcu (introduces a delay) in a tight race + kCFI + Samsung RKP. Yet it’s still possible to gain arbitrary kernel RW, disable SE and root from untrusted app.
https://github.blog/2022-06-16-the-android-kernel-mitigations-obstacle-race/