Articles
-
An old Pixel rooting bug
This post documents a Use-After-Free (UAF) issue in the Arm Mali GPU kernel driver that I discovered sometime in Oct-Nov 2022.
-
A Netfilter hole
This post explores the root cause and exploitation of
CVE-2022-32250, a vulnerability I exploited for a successful demonstration at Pwn2Own Vancouver 2022, and also the first vulnerability I discovered. The issue was used to achieve local privilege escalation onUbuntu 22.04 kernel 5.15.0-30-release.