The Way to Android Root: Exploiting Your GPU on Smartphone
Unknown
Black Hat USA 2024 · Day 1 · Briefing
This talk, presented by members of the Android Red team, delves into the critical security implications of Qualcomm Adreno GPU drivers on Android smartphones. The speakers reveal their discovery and exploitation of **CVE 2024-23380**, a vulnerability that allowed them to achieve root privileges from an unprivileged Android application. The presentation highlights why GPU drivers are a prime target for attackers: their direct access by unprivileged applications, the necessity for direct physical memory manipulation for performance, and the inherent complexity that often leads to exploitable bugs.