CVE-2023-41111: Samsung Baseband RLC Data Re-Assembly Buffer Overflow We have identified a new buffer overflow vulnerability in Samsung’s baseband implementation... 2024-7-29 08:0:0 | 阅读: 24 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io rlc pdu bsn frags fragment

CVE-2023-41112: Samsung Baseband RLC Data Re-Assembly Heap Buffer Overflow We have identified several new heap buffer overflow vulnerabilities in Samsung’s baseband i... 2024-7-29 08:0:0 | 阅读: 7 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io rlc pdu fragm dstack gprs

Unburdened By What Has Been: Exploiting New Attack Surfaces in Radio Layer 2 for Baseband RCE on Samsung Exynos We have written extensively about remote baseband vulnerability research in the past, exami... 2024-7-29 08:0:0 | 阅读: 4 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io llc frames baseband rlc pdu

Full Chain Baseband Exploits, Part 1 In our previous blog post, we have introduced our latest research into full chain baseband... 2023-12-7 08:0:0 | 阅读: 5 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io samsung baseband taszk overflow mediatek

Full Chain Baseband Exploits, Part 2 Additional posts in this series:Part 1Part 3If you’ve watched my Basebanheimer talk, y... 2023-12-7 08:0:0 | 阅读: 3 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io mer kal buff 0x4 bitmask

Full Chain Baseband Exploits, Part 3 Additional posts in this series:Part 1Part 2In my Basebanheimer talk at Hardwear.io, I... 2023-12-7 08:0:0 | 阅读: 8 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io shellcode vmalloc mediatek oob ringbuffer

CVE-2022-21766: Mediatek CCCI Kernel Driver Stack Buffer Overflow We have identified a new stack buffer overflow vulnerability in Mediatek’s Linux Kernel dri... 2023-11-28 08:0:0 | 阅读: 7 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io ccci mediatek memory rbf buflen

CVE-2022-21744: Mediatek Baseband GPRS PNCD Heap Buffer Overflow We have identified a new heap buffer overflow vulnerability in Mediatek’s baseband implemen... 2023-11-28 08:0:0 | 阅读: 8 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io pncd mediatek qmsg fdd repetition

CVE-2022-21765: Mediatek CCCI Kernel Driver OOB Write We have identified a new out-of-bound write vulnerability in Mediatek’s Linux Kernel driver... 2023-11-28 08:0:0 | 阅读: 5 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io mediatek memory ccci modem rbf

CVE-2022-21769: Mediatek CCCI Kernel Driver OOB Read We have identified a new out-of-bound read vulnerability in Mediatek’s Linux Kernel driver... 2023-11-28 08:0:0 | 阅读: 2 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io ccci memory mediatek modem buflen

CVE-2023-21517: Samsung Baseband LTE ESM TFT Heap Buffer Overflow We have identified a new heap buffer overflow vulnerability in Samsung’s baseband implement... 2023-11-28 08:0:0 | 阅读: 2 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io pf comp tft samsung sael3

CVE-2023-30644: Samsung RIL Stack Buffer Overflow We have identified a new stack buffer overflow v... 2023-11-28 08:0:0 | 阅读: 0 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io samsung baseband ipcmodem chipsets

CVE-2023-30645: Samsung RIL Heap Buffer Overflow We have identified a new heap buffer overflow vu... 2023-11-28 08:0:0 | 阅读: 3 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io samsung cblen waclen ipcmodem baseband

CVE-2023-30646: Samsung RIL Heap Buffer Overflow We have identified a new heap buffer overflow vu... 2023-11-28 08:0:0 | 阅读: 5 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io data4 samsung puvar2 ipcmodem

CVE-2023-30647: Samsung RIL Heap Buffer Overflow We have identified a new heap buffer overflow vulnerability in Samsung’s Android Radio Inte... 2023-11-28 08:0:0 | 阅读: 5 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io samsung pdvar2 ipcmodem usimpbcapa baseband

CVE-2023-30648: Samsung RIL Stack Buffer Overflow We have identified a new stack buffer overflow v... 2023-11-28 08:0:0 | 阅读: 7 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io samsung ipcmodem pdvar6 baseband

CVE-2023-30649: Samsung RIL Heap Buffer Overflow We have identified a new heap buffer overflow vu... 2023-11-28 08:0:0 | 阅读: 7 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io samsung ipcmodem baseband

Basebanheimer: Now I Am Become Death, The Destroyer Of Chains Talks about baseband vulnerabilities are certainly in fashion these days. However, most pub... 2023-9-21 08:0:0 | 阅读: 1 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io baseband mediatek samsung security

[BugTales] REUnziP: Re-Exploiting Huawei Recovery With FaultyUSB - taszk.io labs Last year we published UnZiploc, our research into Huawei’s OTA update implementation. Back then, we have successfully identified logic vulnerabilities in the implementation of the Huawei rec... 2023-4-10 18:9:9 | 阅读: 16 | 收藏 | labs.taszk.io payload fsg lun curlun mass

CVE-2022-44563: Huawei Recovery Update Zip ToC-ToU Vulnerability We have identified a new Toc-ToU race condition vulnerability in Huawei’s recovery image im... 2023-2-16 08:0:0 | 阅读: 8 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io huawei harmonyos chipset kirin security