3 matches found
CAPIO: Safe Kernel-Bypass of Commodity Devices Using Capabilities
Securing low-latency I/O in commodity systems forces a fundamental trade-off: rely on the kernel's high overhead mediated interface, or bypass it entirely, exposing sensitive hardware resources to userspace and creating new vulnerabilities. This dilemma stems from a hardware granularity mismatch:...
Breaking the Android Bootloader on the Qualcomm Snapdragon 660
This post is a companion to the DEF CON 29 video available here. A few months ago I purchased an Android phone to do some research around a specific series of NFC chips, which required me to gain root access to the device in order to fully access its hardware capabilities. Gaining root access on...
GLSA-200707-04 : GNU C Library: Integer overflow
The remote host is affected by the vulnerability described in GLSA-200707-04 GNU C Library: Integer overflow Tavis Ormandy of the Gentoo Linux Security Team discovered a flaw in the handling of the hardware capabilities mask by the dynamic loader. If a mask is specified with a high population...