YoVDO

Elevating the TrustZone to Achieve a Powerful Android Kernel Exploit

Offered By: nullcon via YouTube

Tags

nullcon Courses Mobile Security Courses Trustzone Courses

Course Description

Overview

Explore an innovative approach to Android kernel exploitation in this 44-minute conference talk from Nullcon Goa 2022. Discover how leveraging the TrustZone, a higher privileged component, can overcome existing security mitigations and create a 100% reliable exploit. Learn about CVE-2021-1961, a vulnerability found in the Android kernel, and the unique exploitation method used. Delve into the communication protocol between the kernel and Qualcomm TrustZone (QSEE), identifying its weaknesses. Gain insights on why this technique bypasses current and potentially future mitigations, and how to begin your own research in this area. Understand the challenges of kernel exploitation in mobile security and how this method addresses issues of reliability and adaptability across different devices and versions.

Syllabus

Elevating The TrustZone To Achieve A Powerful Android Kernel Exploit | Tamir Zahavi Nullcon Goa 2022


Taught by

nullcon

Related Courses

Information Security - 5 - Secure Systems Engineering
Indian Institute of Technology Madras via Swayam
Develop TrustZone Enabled Applications on STM32L5 ARM MCUs with STM32CubeIDE - Webinar Replay
STMicroelectronics via YouTube
CaSE- Cache-Assisted Secure Execution on ARM Processors
IEEE via YouTube
Blue Pill for Your Phone
Ekoparty Security Conference via YouTube
Reflections on Trusting TrustZone
Black Hat via YouTube