• Stars
    star
    112
  • Rank 312,240 (Top 7 %)
  • Language
    C
  • Created about 3 years ago
  • Updated about 3 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)

CVE-2021-28663

A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)

This is a basic PoC for CVE-2021-28663. A design flaw in Mali GPU Android Kernel Driver.

  1. Create a GPU_VA and also mmap to it so we can get virtual addr for phys pages.
  2. Create an alias for phy pages, but don't do mmap so gpu_mapping remains as 1
  3. Change flags of GPU_VA to BASE_MEM_DONT_NEED. Mali will make them evictable
  4. Since we have reg for aliased page, now we can mmap to it. This will give us RDONLY access from CPU

Example run:

Example run CVE-2021-28663

Example run CVE-2021-28663

Example run CVE-2021-28663