Notes


Attacking the Android kernel using the Qualcomm TrustZone

CVE-2021-1961 is a vulnerability I discovered in the communication protocol of Qualcomm’s TrustZone (QSEE). It allows you to corrupt memory management data in the protocol, which I exploited into instructing the TrustZone to modify the Android kernel memory, thus achieving arbitrary read/write primitives over physical memory addresses. I turned this powerful primitive into a reliable exploit that works out of the box without the need to be adapted per device/version.