tags: android, mte, pixel, lpe, mali, gpu
original link: Gaining kernel code execution on an MTE-enabled Pixel 8
newsletter link: exploits.club Weekly Newsletter 13


Exploits Club Summary:

 If you have been anywhere near X this week, you probably came across this new post from the man, the myth, the legend, @mmolgtm. This time, he is back for some GPU hacking fun, exploiting CVE-2023-6241 in the Arm Mali GPU driver to gain arbitrary kernel code execution from the context of an untrusted app on a Pixel 8. Even better, the post shows why MTE does nothing to stop this bug: the exploit flow never depends on the CPU dereferencing a tagged pointer, which is the only kind of invalid access MTE's tag checks can catch. Instead it has the GPU read and write physical memory directly, and GPU accesses are not subject to MTE tag checking at all.