๐ Samsung Kernel /dev/vipx Pointer Leak
๐ก Newskategorie: PoC
๐ Quelle: packetstormsecurity.com
The function __vipx_ioctl_put_container() in the Samsung kernel calls copy_to_user() on a vs4l_container_list structure that contains a kernel pointer, exposing that kernel pointer to userspace just before it gets passed to kfree(). ...