2 matches found
A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby
Posted by Natalie Silvanovich Over the past few years, several AI-powered features have been added to mobile phones that allow users to better search and understand their messages. One effect of this change is increased 0-click attack surface, as efficient analysis often requires message media to...
A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave
Posted by Seth Jenkins With the advent of a potential Dolby Unified Decoder RCE exploit, it seemed prudent to see what kind of Linux kernel drivers might be accessible from the resulting userland context, the mediacodec context. As per the AOSP documentation, the mediacodec SELinux context is...