YoVDO

Evils in the Sparse Texture Memory - Exploiting Kernel Vulnerabilities in GPU APIs

Offered By: Black Hat via YouTube

Tags

Kernel Exploitation Courses OpenGL Courses OpenCL Courses Android Security Courses Use-After-Free Vulnerability Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore vulnerabilities in the Imagination Technologies' PowerVR GPU used in various Android devices during this 40-minute Black Hat conference talk. Discover several physical page UAF vulnerabilities caused by mishandled sparse texture memory management. Learn how malicious actors can manipulate arbitrary freed physical pages from both CPU and GPU sides using OpenGL and OpenCL. Understand the unique nature of these exploits, which primarily use OpenGL APIs and an extra mmap function, making them potentially harder to detect through static analysis. Gain insights into solutions for detecting these exploits and witness a demonstration of rooting a device. Presented by Xingyu Jin, Tony Mendez, and Richard Neal, this talk delves into the intricacies of kernel exploitation based on undefined behaviors of graphic APIs.

Syllabus

Evils in the Sparse Texture Memory: Exploit Kernel Based on Undefined Behaviors of Graphic APIs


Taught by

Black Hat

Related Courses

The Art of Exploiting UAF by Ret2bpf in Android Kernel
Black Hat via YouTube Attacking iPhone XS Max
Black Hat via YouTube Use-After-Use-After-Free - Exploit UAF by Generating Your Own
Black Hat via YouTube Ret2page - The Art of Exploiting Use-After-Free Vulnerabilities in the Dedicated Cache
Black Hat via YouTube Breaking Android Kernel Isolation and Rooting with ARM MMU Features
Black Hat via YouTube