Explore the security implications of io_uring in Android kernels through this 27-minute Black Hat conference talk. Delve into the exploitation of CVE-2022-20409, a use-after-free vulnerability in the io_uring subsystem, to achieve privilege escalation on Google Pixel 6 and Samsung S22 devices. Learn about the challenges of exploiting io_uring bugs in Android's restricted environment and discover novel techniques for memory layout manipulation. Gain insights into the potential risks associated with this high-performance asynchronous I/O framework and its impact on Android security.
Overview
Syllabus
Bad io_uring: A New Era of Rooting for Android
Taught by
Black Hat
Related Courses
-
io_uring in Android
-
Two Bugs With One PoC - Rooting Pixel 6 From Android 12 to Android 13
-
Make KSMA Great Again - The Art of Rooting Android Devices by GPU MMU Features
-
Android Parcels - The Bad, the Good and the Better - Introducing Android's Safer Parcel
-
Breaking Android Kernel Isolation and Rooting with ARM MMU Features
-
The Art of Exploiting UAF by Ret2bpf in Android Kernel
