$hit! this is still the same bug syzbot reported 900(!) days ago:
https://syzkaller.appspot.com/bug?id=1379b6b21a2ffecd1ea4e2b564cc7e35d9f388b2
which was fixed in Jan 2018:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f5cb779ba16334b45ba8946d6bfa6d9834d1527f
Still exploited on actual phones... https://twitter.com/chompie1337/status/1254877463072645120
Replying to @dvyukov
it says "Tested on S8/S8 active Snapdragon device running vulnerable Oreo firmware" in the description - I assume that means it wasn't on the latest firmware (the S8 is AFAICS in scope for monthly updates, according to https://security.samsungmobile.com/workScope.smsb )
I assume that @chompie1337's intent was mainly to demonstrate the mitigation bypass
1:07 AM - 30 Apr 2020