[Binary] Rooting Ubuntu By Accident and Samsung Kernel Bugs

Published: Jan. 13, 2022, 1 a.m.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/rooting-ubuntu-by-accident-and-samsung-kernel-bugs.html

\n

We are back for the first 2022 binary episode, and its all kernel. Obtaining root through an hours long exploit process on Ubuntu thanks to an invalid free, use-after-free in XNU due to bad locking, and some terrible code in Samsung S20 DSP kernel driver with multiple integer overflows.

\n

[00:00:42] Getting root on Ubuntu through wishful thinking
\n

\n

[00:19:21] XNU: heap-use-after-free in inm_merge
\n

\n

[00:29:42] Kernel LPE in the Vision DSP Kernel Driver [CVE-2021-25467]
\n

\n

[00:34:34] Kernel LPE in the Vision DSP Kernel Driver's ELF Linker [CVE-2021-25475]
\n

\n

[00:37:16] Linux Heap Exploitation - Part 3
\n

\n

[00:38:37] PS4 CCP Crypto Bug
\n

\n

The DAY[0] Podcast episodes are streamed live on Twitch (@dayzerosec) twice a week:

\n
    \n
  • Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities
  • \n
  • Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.
  • \n
\n

The Video archive can be found on our Youtube channel: https://www.youtube.com/c/dayzerosec

\n

You can also join our discord: https://discord.gg/daTxTK9

\n

Or follow us on Twitter (@dayzerosec) to know when new releases are coming.