CVE-2021-25475: Kernel LPE in the Vision DSP Kernel Driver's ELF Linker There is a vmalloc out of bounds write vulnerability in the vision DSP kernel driver of Sam... 2021-12-14 08:0:0 | 阅读: 2 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io reloc rela shdr firmware relocate

CVE-2021-25491: Kernel NULL Pointer Dereferences due to Missing Error Checks There are a series of memory corruption vulnerabilities in Samsung Exynos kernels, due to i... 2021-12-13 08:0:0 | 阅读: 1 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io dma vmap memory vaddr decon

CVE-2021-25458: Kernel NULL Pointer Dereference in Exynos ION Implementation There is an ION memory buffer type confusion vulnerability in the Exynos ION kernel driver.... 2021-12-13 08:0:0 | 阅读: 2 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io ion iovmm dma rbin samsung

[BugTales] Ouchscreen: Stealing Secrets With A Little Help From Machine Learning Today we share a fun little Huawei bug that adds a twist to our previous forays into Neural... 2021-12-3 08:0:0 | 阅读: 7 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io roi touchscreen sysfs s0 thp

Kernel Vmalloc Use-After-Free in the ION Allocator In this advisory we are disclosing a vmap/vmalloc use-after-free vulnerability within the... 2021-9-22 08:0:0 | 阅读: 2 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io ion dma kmap vaddr allocator

CVE-2021-22434: Huawei Arbitrary Write in BootROM USB Stack During the regular boot sequence, Huawei’s Boot... 2021-8-19 08:0:0 | 阅读: 9 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io xmodem download huawei kirin 0x22000

Test Point Break: Analysis of Huawei’s OTA Fix For BootROM Vulnerabilities Recently we have presented our research on the remote exploitation of Huawei basebands at B... 2021-8-19 08:0:0 | 阅读: 3 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io efuse fpb bootrom huawei ota

CVE-2021-22389: Huawei NPU Kernel Driver Exposes Kernel Structures in Shared Memory The NPU device’s kernel driver implements a cus... 2021-8-2 08:0:0 | 阅读: 6 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io devdrv cq sq hisi huawei

CVE-2021-22390: Huawei NPU Kernel Driver Use-After-Free Due to a bug in the way mappings are closed it is possible to free a kmallocated memory ch... 2021-8-2 08:0:0 | 阅读: 1 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io vma mmapping huawei memory kfree

CVE-2021-22412: Huawei NPU Kernel Driver Shared Memory Out of Bounds Write The NPU device’s kernel driver implements a set of ioctl handlers one of which uses unsani... 2021-8-2 08:0:0 | 阅读: 1 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io devdrv buff huawei sq hwts

CVE-2021-22415: Huawei NPU Kernel Driver Use-After-Free In a previous advisory we disclosed multiple vulnerabilities within the NPU device’s mmap... 2021-8-2 08:0:0 | 阅读: 7 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io huawei memory mapped devdrv crash

CVE-2021-22388: Huawei NPU Kernel Driver Function Pointer Overwrite The NPU device’s kernel driver implements a set... 2021-8-2 08:0:0 | 阅读: 1 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io sqe hwts devdrv sq huawei

[BugTales] Da Vinci Hits a Nerve: Exploiting Huawei’s NPU Driver Samsung’s neural processing framework has received a lot of attention from the security com... 2021-7-30 08:0:0 | 阅读: 7 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io memory vma devdrv shd uxn

CVE-2021-22429: Huawei Buffer Overflow in BootROM USB Stack During the regular boot sequence, Huawei’s Boot... 2021-7-30 08:0:0 | 阅读: 7 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io huawei download trans curr bulk

[BugTales] A Nerve-Racking Bug Collision in Samsung's NPU Driver Last summer I have discovered several vulnerabilities in the implementation of Samsung’s N... 2021-6-8 08:0:0 | 阅读: 2 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io memory ncp overflow ifm kmalloc

About Hugo We provide clients: customized solutions for unique challenges in... 2020-4-11 19:15:32 | 阅读: 1 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io sectors customized automotive

SVE-2017-8975: TOCTOU Race Condition in Samsung TrustZone SCrypto Driver Due to a race condition in input validation, the SCrypto implementation of the drTima secu... 2018-3-3 08:0:0 | 阅读: 1 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io scrypto trustlet mapped software overflow

SVE-2017-8974: TOCTOU Race Condition in Samsung TrustZone SCrypto Driver Due to a race condition in input validation, the SCrypto implementation of the drTima secu... 2018-3-2 08:0:0 | 阅读: 1 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io scrypto encryption mapped trustlet trustlets

SVE-2017-8973: Buffer Overflow in Samsung TrustZone SCrypto Driver Due to missing input validation, the SCrypto implementation of the drTima secure driver (u... 2018-3-1 08:0:0 | 阅读: 6 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io scrypto 3des overflow trustlet trustlets

Unbox Your Phone - Part III. This is the third part of a blog series covering my security research into Samsung’s Trust... 2018-1-30 08:0:0 | 阅读: 1 | 收藏 | Taszk Labs on taszk.io labs - labs.taszk.io tlv tlc comm payload logbuffer