Exploiting CVE-2024-1065 via the Page Cache — A Physical-Page UAF in the ARM Mali GPU Driver

CVE-2024-1065 is a physical-page use-after-free in the ARM Mali GPU kernel driver. Because the freed page lands in MIGRATE_MOVABLE, Dirty Pagetable and Dirty Cred do not apply — so this writeup uses a page-cache spray to swap the freed page into the in-memory copy of /usr/bin/passwd and gets root via execve() without touching disk.

Attacking Samsung RKP

Attacking Samsung RKP: Three Bypasses of EL2 Kernel Protection on Exynos Devices

An original English rewrite of Alexandre Adamski’s 2021 Impalabs deep dive into Samsung’s Real-time Kernel Protection (RKP). The post walks through three independent vulnerabilities — CVE-2021-25415, CVE-2021-25416 and CVE-2021-25417 — that let a kernel-level attacker remap hypervisor memory as writable, sneak executable kernel pages through the “dynamic load” interface, and modify RKP-protected read-only kernel memory. All credit for the research belongs to the original author and Impalabs.

iOS application hardening and mobile security protection concept

Essential iOS Hardening: A Practical Guide to Defending iPhones Against Modern Spyware

A practical, security-engineering view of the essential iOS hardening steps every iPhone user — and especially high-risk targets — should apply: Lockdown Mode, Advanced Data Protection, attack-surface reduction, deep reboots, and detection with tooling like iVerify. Based on and credited to “Essential iOS Hardening Steps” by Officer’s Notes, published on Medium (Technology Hits).