tags:linuxkernelrace_conditionuafGSM original link: ioxide: N_GSM 0 day newsletter link: exploits.club Weekly Newsletter 35 - NPU exploits, Phrack 71, 2014 Tablet Hacks, and More
Exploits Club Summary:
@roddux dropped a what was a second 0day in n_gsm. Following just a few months after his release of germy, the new repo published this week includes a crash PoC and some notes on the bug itself. The core issue revolves around a race condition leading to a UAF. The notes also include a KASAN splat and some ideas on how a full exploit for this might be written. (Un)fortunately, this was mitigated in a patch released this month.