Qualcomm Adreno GPU driver "perfcounter query" heap overflow: https://code.google.com/p/google-security-research/issues/detail?id=734 …
Replying to @benhawkes
@benhawkes Another nice one. But would exploitation be realistic given the huge copy loop immediately after the allocation?
1 reply 1 retweet 2 likes
Replying to @djrbliss
@djrbliss @benhawkes Parallel thread corruption seems like a potential technique. Would be tough to clean up state though, I imagine.
1 reply 0 retweets 0 likes
Replying to @thebantyone
@banty0ne @benhawkes How do you plan on getting the kernel to schedule out the thread from inside a tight copy loop before it faults and panics?
2 replies 0 retweets 1 like
Replying to @benhawkes
@benhawkes @banty0ne @djrbliss The kernel is preemptible, so it might work to do the overflow with SCHED_IDLE, then preempt with normal prio.
1 reply 0 retweets 0 likes
@benhawkes @banty0ne @djrbliss hog n-1 cores, do the overflow, hog the last core?