android kernel
HBh25Y
Android kernel vulnerability between November 2020 and April 2021
0x00 CVE-2020-11131. Location: the wma_apfind_set_cmd function in CORE/SERVICES/WMA/wma.c. Patch: https://source.codeaurora.org/quic/le/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=b5549a556a9ce60b514ea20dc62f9499a97857a2. Trigger method: use a netlink socket to send qcacld a message whose type is WDA_ (Original · 2021-05-03 15:11:38 · 848 reads · 1 comment)
2020-10 android kenel vulnerability
qualcomm: https://www.qualcomm.com/company/product-security/bulletins/october-2020-security-bulletin google: https://source.android.com/security/bulletin/2020-10-01 0x00 CVE-2020-11125. Location: the mhi_process_data_event_ring() function in mhi_main.c. Patch: https://source.cod (Original · 2020-10-10 19:37:43 · 457 reads · 0 comments)
2020-9 android kernel vulnerability
qualcomm: https://www.qualcomm.com/company/product-security/bulletins/september-2020-bulletin google: https://source.android.com/security/bulletin/2020-09-01 PS: for some reason there are very few open-source patches this month. 0x00 CVE-2020-11124. Location: the diag_remove_client_entry function in diagchar_core.c. Patch: https:// (Original · 2020-09-18 18:43:10 · 261 reads · 0 comments)
2020-8 android kernel vulnerability
qualcomm: https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin google: https://source.android.com/security/bulletin/2020-08-01 0x00 CVE-2020-0255. Location: the selinux_netlink_send() function in hooks.c. Patch: https://android.googlesource.com (Original · 2020-09-16 18:17:04 · 736 reads · 0 comments)
2020-7 android kernel vulnerability
qualcomm: https://www.qualcomm.com/company/product-security/bulletins/july-2020-security-bulletin google: https://source.android.com/security/bulletin/2020-07-01 samsung: https://security.samsungmobile.com/securityUpdate.smsb PS: for Google it is best to read the English bulletin; the English and Chinese bulletins are not updated in sync, which is a real pain, and the Chinese (Original · 2020-07-13 14:22:06 · 5513 reads · 1 comment)
2020-6 android kernel vulnerability
0x00 CVE-2020-8647 (6.1). Location: the vgacon_resize function in vgacon.c. Patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=513dc792d6060d5ef572e43852683097a8420f56. Trigger method: one can try allocating a large vc_screenbuf via vc_allocate, then requesting an even larger screenbuf via vc_do_resize, and then in turn (Original · 2020-07-08 15:57:22 · 582 reads · 0 comments)
CVE-2020-3610
CVE-2020-3610 0x00 Preface: this vulnerability is a race condition in the kgsl-3d0 kernel driver from the Qualcomm security bulletin of May 2020. My PoC did not trigger the vulnerability, but judging from the Android system log I did reach the vulnerable function. I think the root cause is that the vulnerability's window is very small, and the free is performed asynchronously by a kernel thread, so actually winning the race is very hard; not being able to dynamically debug a physical Android device is also a real pain. This is just a brief record. 0x01 Environment: Xiaomi 8, sdm845, MIUI 11.0.4 stable, Android 9, kernel version (Original · 2020-07-08 12:11:12 · 597 reads · 0 comments)
2020-5 android kernel vulnerability
0x00 CVE-2020-0110 (7.8). Location: the psi_write function in psi.c (psi). Patch: https://android-review.googlesource.com/c/kernel/common/+/1246698/1/kernel/sched/psi.c#1201. Trigger method: add obj-y += psi.o to /kernel/sched/Makefile to build this scheduling component. When the kernel is compiled, module_init(psi_proc_init) is built and run automatically, which creates under /pr (Original · 2020-06-28 15:46:17 · 526 reads · 0 comments)