Qualcomm Android - Kernel Use-After-Free via Incorrect set_page_dirty() in KGSL Exploit

The following issue exists in the android-msm-wahoo-4.4-pie branch of https://android.googlesource.com/kernel/msm and possibly others: When kgslmementrydestroy in drivers/gpu/msm/kgsl.c is called for a writable entry with memtype KGSLMEMENTRYUSER, it attempts to mark the entry's pages as dirty...

Android - sdcardfs Changes current->fs Without Proper Locking

Tested on a Pixel 2 walleye: ro.build.abupdate: true ro.build.characteristics: nosdcard ro.build.date: Mon Jun 4 22:10:18 UTC 2018 ro.build.date.utc: 1528150218 ro.build.description: walleye-user 8.1.0 OPM2.171026.006.G1 4820017 release-keys ro.build.display.id: OPM2.171026.006.G1...

walleye.com XSS vulnerability

Vulnerable URL: http://www.walleye.com/DesktopModules/PAAutoDealer/atLoanCalulator.aspx?loanamount=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...