Overview
Explore a deep dive into GPU security on mobile devices in this 42-minute Black Hat conference talk focusing on the Qualcomm Adreno GPU. Learn about complex attack surfaces and exploitable vulnerabilities discovered in the Adreno GPU kernel module that can lead to kernel code execution on Qualcomm-based devices. Watch as security researchers demonstrate exploitation of a race condition vulnerability on a fully-patched Android device to obtain root privileges from a zero-permission application with a 100% success rate. Understand how the presenters overcame Android kernel mitigations like CFI and W^X using a novel exploit method that leverages GPU features to achieve arbitrary physical memory read/write. Discover technical exploitation details, potential vendor mitigations, and general methods to improve GPU security posture. Presented by Google security experts Xiling Gong, Xuan Xing, and Eugene Rodionov from the Android RedTeam.
Syllabus
The Way to Android Root: Exploiting Your GPU on Smartphone
Taught by
Black Hat