2 matches found
Android - ashmem Readonly Bypasses via remap_file_pages() and ASHMEM_UNPIN
This bug report describes two ways in which an attacker can modify the contents of a read-only ashmem fd. I'm not sure at this point what the most interesting user of ashmem is in the current Android release, but there are various users, including Chrome and a bunch of utility classes. In AOSP...
Android - ashmem Readonly Bypasses via remap_file_pages() and ASHMEM_UNPIN
Android - ashmem Readonly Bypasses via remapfilepages and ASHMEMUNPIN This bug report describes two ways in which an attacker can modify the contents of a read-only ashmem fd. I'm not sure at this point what the most interesting user of ashmem is in the current Android release, but there are...