CVE-2021-28663
A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)
This is a basic PoC for CVE-2021-28663. A design flaw in Mali GPU Android Kernel Driver.
- Create a
GPU_VA
and alsommap
to it so we can get virtual addr for phys pages. - Create an alias for phy pages, but don't do
mmap
sogpu_mapping
remains as 1 - Change flags of
GPU_VA
toBASE_MEM_DONT_NEED
. Mali will make them evictable - Since we have
reg
for aliased page, now we canmmap
to it. This will give us RDONLY access from CPU