rootack

Heap Overflows and Double-Free Attacks http://homes.sice.indiana.edu/yh33/Teaching/I433-2016/lec13-HeapAttacks.pdf …

XNU: remote double-free via data race in IPComp input path https://bugs.chromium.org/p/project-zero/issues/detail?id=1898 …

I've digged up some ancient versions of Adobe Reader to figure out exactly which symbols were public in which builds and when. Turns out all the core modules had them at some point. My full analysis on the P0 blog: https://googleprojectzero.blogspot.com/2019/10/the-story-of-adobe-reader-symbols.html …

Kernel privilege escalation bug in Android affecting fully patched Pixel 2 & others. Reported under 7 day deadline due to evidence of in-the-wild exploit. @tehjh and I quickly wrote a POC to get arbitrary kernel r/w using this bug, released in tracker. https://bugs.chromium.org/p/project-zero/issues/detail?id=1942 …

#POC2019 CFP deadline date: 10th Oct * We have about 9 more days to deadline We are looking for hardcores in Android(especially Samsung and Huawei related), AI, SCADA and Hardware And yes indeed, if you have other outstanding research, do not hesitate to send us!

We just published the slides for the TEE presentation @esanfelix gave at #zer0con2019 and #infiltrate19, and kicking off part 1/4 of a blog post series about this research. https://labs.bluefrostsecurity.de/blog/2019/05/27/tee-exploitation-on-samsung-exynos-devices-introduction/ …

Our colleague, Suhee just got accepted to BlackHat Talk! Congrats Suhee! She is going to talk about "Women in Security: Building a Female InfoSec Community in Korea, Japan, and Taiwan" See you all there! https://www.blackhat.com/us-19/briefings/schedule/index.html#women-in-security-building-a-female-infosec-community-in-korea-japan-and-taiwan-16476 … #BHUSA2019

Yet, another JB for iOS 12...Maybe it does not work on A12 since we cannot use ROP in userspace right now... what if BOP all the things? https://twitter.com/benhawkes/status/1093581737924259840 …

iOS 12.1 PoC exploit now available: https://blogs.securiteam.com/index.php/archives/3802 …

Zer0Con2019 [Call for Papers] is now open for top-notch speakers! Zer0con focuses on finding, analyzing, and exploiting vulnerability. Please refer to our website for more info! http://zer0con.org/cfp.pdf  CFP deadline: 25th Feb, 2019 #Zer0Con2019 #Zer0Con

Microsoft Edge Chakra OP_NewScObjArray Type Confusion Bug & Full Poc Exploit by bo13oy of Qihoo 360 Vulcan Team: https://translate.google.com/translate?sl=zh-CN&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fblogs.360.cn%2Fpost%2FMicrosoft%2520Edge%2520Chakra%2520OP_NewScObjArray%2520Type%2520Confusion%2520%25E8%25BF%259C%25E7%25A8%258B%25E4%25BB%25A3%25E7%25A0%2581%25E6%2589%25A7%25E8%25A1%258C%25E6%25BC%258F%25E6%25B4%259E%25E5%2588%2586%25E6%259E%2590%25E4%25B8%258E%25E5%2588%25A9%25E7%2594%25A8.html&edit-text= …