Quarkslab
@quarkslab.bsky.social
Securing every bit of your data
https://quarkslab.com
https://quarkslab.com
Pinned
Our 2025-2026 internship season has started.
Check out the list of openings and apply for fun and knowledge!
blog.quarkslab.com/internship-offers-for-the-2025-2026-season.html
Check out the list of openings and apply for fun and knowledge!
blog.quarkslab.com/internship-offers-for-the-2025-2026-season.html
Reposted by Quarkslab
We are pleased to announce that the KubeVirt Security Audit report has been published, in collaboration with @quarkslab.bsky.social and @ostifofficial.bsky.social
Check out our blog post for all the details: kubevirt.io/2025/Announc...
Check out our blog post for all the details: kubevirt.io/2025/Announc...
Announcing the results of our Security Audit | KubeVirt.io
As part of our application to Graduate, KubeVirt has a security audit performed by a third-party, organised through the CNCF and OSTIF.
kubevirt.io
November 12, 2025 at 8:22 AM
We are pleased to announce that the KubeVirt Security Audit report has been published, in collaboration with @quarkslab.bsky.social and @ostifofficial.bsky.social
Check out our blog post for all the details: kubevirt.io/2025/Announc...
Check out our blog post for all the details: kubevirt.io/2025/Announc...
KubeVirt is open source virtualization technology for Kubernetes.
Recently we worked with the @kubevirt team on a security audit sponsored by @OSTIFofficial 🙏
Read a summary of our findings and find the full report here:
blog.quarkslab.com/kubevirt-sec...
Recently we worked with the @kubevirt team on a security audit sponsored by @OSTIFofficial 🙏
Read a summary of our findings and find the full report here:
blog.quarkslab.com/kubevirt-sec...
November 7, 2025 at 4:27 PM
KubeVirt is open source virtualization technology for Kubernetes.
Recently we worked with the @kubevirt team on a security audit sponsored by @OSTIFofficial 🙏
Read a summary of our findings and find the full report here:
blog.quarkslab.com/kubevirt-sec...
Recently we worked with the @kubevirt team on a security audit sponsored by @OSTIFofficial 🙏
Read a summary of our findings and find the full report here:
blog.quarkslab.com/kubevirt-sec...
Our 2025-2026 internship season has started.
Check out the list of openings and apply for fun and knowledge!
blog.quarkslab.com/internship-offers-for-the-2025-2026-season.html
Check out the list of openings and apply for fun and knowledge!
blog.quarkslab.com/internship-offers-for-the-2025-2026-season.html
October 21, 2025 at 9:51 AM
Our 2025-2026 internship season has started.
Check out the list of openings and apply for fun and knowledge!
blog.quarkslab.com/internship-offers-for-the-2025-2026-season.html
Check out the list of openings and apply for fun and knowledge!
blog.quarkslab.com/internship-offers-for-the-2025-2026-season.html
From kernel oops to kernel exploit: How two little bugs (CVE-2025-23330, CVE-2025-23280) in #NVIDIA open GPU #Linux driver can lead to full system compromise.
Full technical breakdown inside, #vmalloc exploitation technique included!
blog.quarkslab.com/nvidia_gpu_k...
Full technical breakdown inside, #vmalloc exploitation technique included!
blog.quarkslab.com/nvidia_gpu_k...
Oops! It's a kernel stack use-after-free: Exploiting NVIDIA's GPU Linux drivers - Quarkslab's blog
This article details two bugs discovered in the NVIDIA Linux Open GPU Kernel Modules and demonstrates how they can be exploited. The bugs can be triggered by an attacker controlling a local unprivileg...
blog.quarkslab.com
October 14, 2025 at 4:37 PM
From kernel oops to kernel exploit: How two little bugs (CVE-2025-23330, CVE-2025-23280) in #NVIDIA open GPU #Linux driver can lead to full system compromise.
Full technical breakdown inside, #vmalloc exploitation technique included!
blog.quarkslab.com/nvidia_gpu_k...
Full technical breakdown inside, #vmalloc exploitation technique included!
blog.quarkslab.com/nvidia_gpu_k...
Finding a buggy driver is one thing, abusing it is another🧠
In his latest blog post, Luis Casvella shows you how BYOVD can be used as a Reflective Rootkit Loader ! 🚀
➡️ blog.quarkslab.com/exploiting-l...
In his latest blog post, Luis Casvella shows you how BYOVD can be used as a Reflective Rootkit Loader ! 🚀
➡️ blog.quarkslab.com/exploiting-l...
October 9, 2025 at 4:22 PM
Finding a buggy driver is one thing, abusing it is another🧠
In his latest blog post, Luis Casvella shows you how BYOVD can be used as a Reflective Rootkit Loader ! 🚀
➡️ blog.quarkslab.com/exploiting-l...
In his latest blog post, Luis Casvella shows you how BYOVD can be used as a Reflective Rootkit Loader ! 🚀
➡️ blog.quarkslab.com/exploiting-l...
Quantum computers are not quite here yet, but now's the time to get ready. After updating their protocol in 2023, @signal.org is now proposing a post-quantum version of their Double Ratchet for message encryption.
Let's see what Signal looks like now!
blog.quarkslab.com/triple-threa...
Let's see what Signal looks like now!
blog.quarkslab.com/triple-threa...
October 7, 2025 at 2:25 PM
Quantum computers are not quite here yet, but now's the time to get ready. After updating their protocol in 2023, @signal.org is now proposing a post-quantum version of their Double Ratchet for message encryption.
Let's see what Signal looks like now!
blog.quarkslab.com/triple-threa...
Let's see what Signal looks like now!
blog.quarkslab.com/triple-threa...
Reposted by Quarkslab
Brand new paper with Roxane Cohen, Robin David (both from @quarkslab.bsky.social ) and Florian Yger on obfuscation detection in binary code doi.org/10.1007/s411... We show that carefully selected features can be leveraged by graph neural networks to outperform classical solutions.
Identifying obfuscated code through graph-based semantic analysis of binary code - Applied Network Science
Protecting sensitive program content is a critical concern in various situations, ranging from legitimate use cases to unethical contexts. Obfuscation is one of the most used techniques to ensure such a protection. Consequently, attackers must first detect and characterize obfuscation before launching any attack against it. This paper investigates the problem of function-level obfuscation detection using graph-based approaches, comparing algorithms, from classical baselines to advanced techniques like Graph Neural Networks (GNN), on different feature choices. We consider various obfuscation types and obfuscators, resulting in two complex datasets. Our findings demonstrate that GNNs need meaningful features that capture aspects of function semantics to outperform baselines. Our approach shows satisfactory results, especially in a challenging 11-class classification task and in two practical binary analysis examples. It highlights how much obfuscation and optimization are intertwined in binary code and that a better comprehension of these two principles are fundamental in order to obtain better detection results.
doi.org
September 30, 2025 at 5:03 PM
Brand new paper with Roxane Cohen, Robin David (both from @quarkslab.bsky.social ) and Florian Yger on obfuscation detection in binary code doi.org/10.1007/s411... We show that carefully selected features can be leveraged by graph neural networks to outperform classical solutions.
BYOVD is a well-known technique commonly used by threat actors to kill EDR 🔪
However, with the right primitives, you can do much more.
Find out how Luis Casvella found and exploited 4 vulns (CVE-2025-8061) in a signed Lenovo driver.
👇
blog.quarkslab.com/exploiting-l...
However, with the right primitives, you can do much more.
Find out how Luis Casvella found and exploited 4 vulns (CVE-2025-8061) in a signed Lenovo driver.
👇
blog.quarkslab.com/exploiting-l...
September 23, 2025 at 5:01 PM
BYOVD is a well-known technique commonly used by threat actors to kill EDR 🔪
However, with the right primitives, you can do much more.
Find out how Luis Casvella found and exploited 4 vulns (CVE-2025-8061) in a signed Lenovo driver.
👇
blog.quarkslab.com/exploiting-l...
However, with the right primitives, you can do much more.
Find out how Luis Casvella found and exploited 4 vulns (CVE-2025-8061) in a signed Lenovo driver.
👇
blog.quarkslab.com/exploiting-l...
RTFM they say but if you read the manual and copy code examples from it you may inadvertently introduce vulns in your code 🙀
In April we audited the PHP code. Now we followed up with a review of the code snippets in PHP documentation and found 81 issues 👇
blog.quarkslab.com/security-rev...
In April we audited the PHP code. Now we followed up with a review of the code snippets in PHP documentation and found 81 issues 👇
blog.quarkslab.com/security-rev...
Security review of PHP documentation - Quarkslab's blog
The Open Source Technology Improvement Fund, Inc., engaged with Quarkslab to perform a security audit of the code snippets in the English version of PHP documentation, focused on some specific pages.
blog.quarkslab.com
September 22, 2025 at 3:51 PM
RTFM they say but if you read the manual and copy code examples from it you may inadvertently introduce vulns in your code 🙀
In April we audited the PHP code. Now we followed up with a review of the code snippets in PHP documentation and found 81 issues 👇
blog.quarkslab.com/security-rev...
In April we audited the PHP code. Now we followed up with a review of the code snippets in PHP documentation and found 81 issues 👇
blog.quarkslab.com/security-rev...
The two bytes that make size matter:
Reverse engineering Apple's iOS 0-click CVE-2025-43300 improved bounds checking fix, by Madimodi Diawara
blog.quarkslab.com/patch-analys...
Reverse engineering Apple's iOS 0-click CVE-2025-43300 improved bounds checking fix, by Madimodi Diawara
blog.quarkslab.com/patch-analys...
September 4, 2025 at 4:09 PM
The two bytes that make size matter:
Reverse engineering Apple's iOS 0-click CVE-2025-43300 improved bounds checking fix, by Madimodi Diawara
blog.quarkslab.com/patch-analys...
Reverse engineering Apple's iOS 0-click CVE-2025-43300 improved bounds checking fix, by Madimodi Diawara
blog.quarkslab.com/patch-analys...
Hacking & Barbecue in the south of France. What could possibly be better?
Barbhack starts this Saturday in Toulon and we're giving away a ticket to a student nearby looking to live the experience
Send us a Chat msg with your name and school
We will notify the winner tonight
www.barbhack.fr/2025/fr/
Barbhack starts this Saturday in Toulon and we're giving away a ticket to a student nearby looking to live the experience
Send us a Chat msg with your name and school
We will notify the winner tonight
www.barbhack.fr/2025/fr/
August 26, 2025 at 3:05 PM
Hacking & Barbecue in the south of France. What could possibly be better?
Barbhack starts this Saturday in Toulon and we're giving away a ticket to a student nearby looking to live the experience
Send us a Chat msg with your name and school
We will notify the winner tonight
www.barbhack.fr/2025/fr/
Barbhack starts this Saturday in Toulon and we're giving away a ticket to a student nearby looking to live the experience
Send us a Chat msg with your name and school
We will notify the winner tonight
www.barbhack.fr/2025/fr/
🚀Ever heard of ControlPlane, software to help you automate tasks on macOS? Turns out, it might also help you become root.
Oops! 😱 @coiffeur0x90 found a Local Privilege Escalation vulnerability.
Read before someone automates your admin rights
👉 blog.quarkslab.com/controlplane...
Oops! 😱 @coiffeur0x90 found a Local Privilege Escalation vulnerability.
Read before someone automates your admin rights
👉 blog.quarkslab.com/controlplane...
ControlPlane Local Privilege Escalation Vulnerability on macOS - Quarkslab's blog
A technical exploration of Local Privilege Escalation Vulnerability in ControlPlane on macOS.
blog.quarkslab.com
July 15, 2025 at 5:09 PM
🚀Ever heard of ControlPlane, software to help you automate tasks on macOS? Turns out, it might also help you become root.
Oops! 😱 @coiffeur0x90 found a Local Privilege Escalation vulnerability.
Read before someone automates your admin rights
👉 blog.quarkslab.com/controlplane...
Oops! 😱 @coiffeur0x90 found a Local Privilege Escalation vulnerability.
Read before someone automates your admin rights
👉 blog.quarkslab.com/controlplane...
You finally pwned the Holy Confluence server. What now? Create a user? Reset a password?
🚨Best way to trigger an alert
What if you craft your own Personal Access Token 🔑 for the Admin account ?
Find out how in this blog post by Quarkslab's Red Teamer YV
blog.quarkslab.com/a-story-abou...
🚨Best way to trigger an alert
What if you craft your own Personal Access Token 🔑 for the Admin account ?
Find out how in this blog post by Quarkslab's Red Teamer YV
blog.quarkslab.com/a-story-abou...
July 3, 2025 at 3:56 PM
You finally pwned the Holy Confluence server. What now? Create a user? Reset a password?
🚨Best way to trigger an alert
What if you craft your own Personal Access Token 🔑 for the Admin account ?
Find out how in this blog post by Quarkslab's Red Teamer YV
blog.quarkslab.com/a-story-abou...
🚨Best way to trigger an alert
What if you craft your own Personal Access Token 🔑 for the Admin account ?
Find out how in this blog post by Quarkslab's Red Teamer YV
blog.quarkslab.com/a-story-abou...
The leHack conference (@le-hack.bsky.social) starts tomorrow at the Cité des Sciences et de l’Industrie in Paris.
We will be there to meet with peers and friends.
3 technical talks, a cool challenge & our famous Car in a Box to play with.
Come and say hi at booth 20.
Full program here:
lehack.org
We will be there to meet with peers and friends.
3 technical talks, a cool challenge & our famous Car in a Box to play with.
Come and say hi at booth 20.
Full program here:
lehack.org
leHACK 2025 incoming! - leHACK
false
lehack.org
June 26, 2025 at 12:36 PM
The leHack conference (@le-hack.bsky.social) starts tomorrow at the Cité des Sciences et de l’Industrie in Paris.
We will be there to meet with peers and friends.
3 technical talks, a cool challenge & our famous Car in a Box to play with.
Come and say hi at booth 20.
Full program here:
lehack.org
We will be there to meet with peers and friends.
3 technical talks, a cool challenge & our famous Car in a Box to play with.
Come and say hi at booth 20.
Full program here:
lehack.org
Are you a network protocol reverse engineer? Tired of writing Wireshark plugins in memory unsafe or esoteric languages named after celestial objects?
Now you can do it in a few lines of Go, Python or Rust with Wirego.
Benoit Girard explains how here:
blog.quarkslab.com/getting-star...
Now you can do it in a few lines of Go, Python or Rust with Wirego.
Benoit Girard explains how here:
blog.quarkslab.com/getting-star...
June 10, 2025 at 4:29 PM
Are you a network protocol reverse engineer? Tired of writing Wireshark plugins in memory unsafe or esoteric languages named after celestial objects?
Now you can do it in a few lines of Go, Python or Rust with Wirego.
Benoit Girard explains how here:
blog.quarkslab.com/getting-star...
Now you can do it in a few lines of Go, Python or Rust with Wirego.
Benoit Girard explains how here:
blog.quarkslab.com/getting-star...
Attention ✨WomenAtSSTIC✨
We meet at 18:00 today at L'Equinoxe:
3 Place des Lices, 35000 Rennes
See you there!
#sstic2025
We meet at 18:00 today at L'Equinoxe:
3 Place des Lices, 35000 Rennes
See you there!
#sstic2025
Are you a cyber professional, or a future one, coming to #sstic2025 next week?
Come to ✨WomenATsstic✨, an informal and unofficial friendly meetup on Wednesday, June 4th at 6 pm.
We will reserve a bar/café near the Halle Martenot. Register here:
framadate.org/hH2t9FcRtgEG...
Come to ✨WomenATsstic✨, an informal and unofficial friendly meetup on Wednesday, June 4th at 6 pm.
We will reserve a bar/café near the Halle Martenot. Register here:
framadate.org/hH2t9FcRtgEG...
Sondage - Women@sstic 2025 - Framadate
Framadate est un service en ligne permettant de planifier un rendez-vous ou prendre des décisions rapidement et simplement.
framadate.org
June 4, 2025 at 12:07 PM
Attention ✨WomenAtSSTIC✨
We meet at 18:00 today at L'Equinoxe:
3 Place des Lices, 35000 Rennes
See you there!
#sstic2025
We meet at 18:00 today at L'Equinoxe:
3 Place des Lices, 35000 Rennes
See you there!
#sstic2025
Are you a cyber professional, or a future one, coming to #sstic2025 next week?
Come to ✨WomenATsstic✨, an informal and unofficial friendly meetup on Wednesday, June 4th at 6 pm.
We will reserve a bar/café near the Halle Martenot. Register here:
framadate.org/hH2t9FcRtgEG...
Come to ✨WomenATsstic✨, an informal and unofficial friendly meetup on Wednesday, June 4th at 6 pm.
We will reserve a bar/café near the Halle Martenot. Register here:
framadate.org/hH2t9FcRtgEG...
Sondage - Women@sstic 2025 - Framadate
Framadate est un service en ligne permettant de planifier un rendez-vous ou prendre des décisions rapidement et simplement.
framadate.org
May 30, 2025 at 3:01 PM
Are you a cyber professional, or a future one, coming to #sstic2025 next week?
Come to ✨WomenATsstic✨, an informal and unofficial friendly meetup on Wednesday, June 4th at 6 pm.
We will reserve a bar/café near the Halle Martenot. Register here:
framadate.org/hH2t9FcRtgEG...
Come to ✨WomenATsstic✨, an informal and unofficial friendly meetup on Wednesday, June 4th at 6 pm.
We will reserve a bar/café near the Halle Martenot. Register here:
framadate.org/hH2t9FcRtgEG...
Good morning Singapore!
The amazing Off by One Conference 2025 starts today.
If you are attending don't miss Fred Raynal's (our fearless CEO) keynote at 9:35am:
"Spyware for rent & the world of offensive cyber"
The full agenda is available here:
offbyone.sg/agenda
The amazing Off by One Conference 2025 starts today.
If you are attending don't miss Fred Raynal's (our fearless CEO) keynote at 9:35am:
"Spyware for rent & the world of offensive cyber"
The full agenda is available here:
offbyone.sg/agenda
May 7, 2025 at 11:57 PM
Good morning Singapore!
The amazing Off by One Conference 2025 starts today.
If you are attending don't miss Fred Raynal's (our fearless CEO) keynote at 9:35am:
"Spyware for rent & the world of offensive cyber"
The full agenda is available here:
offbyone.sg/agenda
The amazing Off by One Conference 2025 starts today.
If you are attending don't miss Fred Raynal's (our fearless CEO) keynote at 9:35am:
"Spyware for rent & the world of offensive cyber"
The full agenda is available here:
offbyone.sg/agenda
Quarkslab was glad to sponsor the Real World Cryptography Paris Meetup 4 hosted by @Ledger last night.
Julio Loayza Meneses talked about crypto-condor, our open source tool to test cryptography implementations.
You can learn more about it here:
quarkslab.github.io/crypto-condo...
Julio Loayza Meneses talked about crypto-condor, our open source tool to test cryptography implementations.
You can learn more about it here:
quarkslab.github.io/crypto-condo...
April 30, 2025 at 3:32 PM
Quarkslab was glad to sponsor the Real World Cryptography Paris Meetup 4 hosted by @Ledger last night.
Julio Loayza Meneses talked about crypto-condor, our open source tool to test cryptography implementations.
You can learn more about it here:
quarkslab.github.io/crypto-condo...
Julio Loayza Meneses talked about crypto-condor, our open source tool to test cryptography implementations.
You can learn more about it here:
quarkslab.github.io/crypto-condo...
Look at those cute little blobs in your internal network. They look harmless, but how about the one carrying SOCKS?
It's ProxyBlob, a reverse proxy over Azure.
Check out Alexandre Nesic's article on how it came to exist after an assumed breach mission ⤵️
👉 blog.quarkslab.com/proxyblobing...
It's ProxyBlob, a reverse proxy over Azure.
Check out Alexandre Nesic's article on how it came to exist after an assumed breach mission ⤵️
👉 blog.quarkslab.com/proxyblobing...
April 29, 2025 at 5:32 PM
Look at those cute little blobs in your internal network. They look harmless, but how about the one carrying SOCKS?
It's ProxyBlob, a reverse proxy over Azure.
Check out Alexandre Nesic's article on how it came to exist after an assumed breach mission ⤵️
👉 blog.quarkslab.com/proxyblobing...
It's ProxyBlob, a reverse proxy over Azure.
Check out Alexandre Nesic's article on how it came to exist after an assumed breach mission ⤵️
👉 blog.quarkslab.com/proxyblobing...
While casually reading Moodle's code Mathieu Farrell found a SSRF bug exploitable by any authenticated user.
Fun twist? This vuln matches exactly the example Orange Tsai presented at Black Hat 2017.
Real life imitates conference slides 😅
Details here:
blog.quarkslab.com/auditing-moo...
Fun twist? This vuln matches exactly the example Orange Tsai presented at Black Hat 2017.
Real life imitates conference slides 😅
Details here:
blog.quarkslab.com/auditing-moo...
April 22, 2025 at 4:04 PM
While casually reading Moodle's code Mathieu Farrell found a SSRF bug exploitable by any authenticated user.
Fun twist? This vuln matches exactly the example Orange Tsai presented at Black Hat 2017.
Real life imitates conference slides 😅
Details here:
blog.quarkslab.com/auditing-moo...
Fun twist? This vuln matches exactly the example Orange Tsai presented at Black Hat 2017.
Real life imitates conference slides 😅
Details here:
blog.quarkslab.com/auditing-moo...
Reposted by Quarkslab
We are so excited to announce the publication of our audit of PHP core! This work was made possible through a collaboration between OSTIF, @thephpf.bsky.social, and @quarkslab.bsky.social with funding provided by @sovereign.tech. For the report and further links, check out ostif.org/php-audit-co...
April 10, 2025 at 7:12 PM
We are so excited to announce the publication of our audit of PHP core! This work was made possible through a collaboration between OSTIF, @thephpf.bsky.social, and @quarkslab.bsky.social with funding provided by @sovereign.tech. For the report and further links, check out ostif.org/php-audit-co...
Reposted by Quarkslab
We are pleased to announce the completion of security audit of PHP core!
Executed by @quarkslab.bsky.social in partnership with @ostifofficial.bsky.social and commissioned by the @sovereign.tech.
Learn more: thephp.foundation/blog/2025/04...
Executed by @quarkslab.bsky.social in partnership with @ostifofficial.bsky.social and commissioned by the @sovereign.tech.
Learn more: thephp.foundation/blog/2025/04...
PHP Core Security Audit Results
The PHP Foundation — Supporting, Advancing, and Developing the PHP Language
thephp.foundation
April 10, 2025 at 2:54 PM
We are pleased to announce the completion of security audit of PHP core!
Executed by @quarkslab.bsky.social in partnership with @ostifofficial.bsky.social and commissioned by the @sovereign.tech.
Learn more: thephp.foundation/blog/2025/04...
Executed by @quarkslab.bsky.social in partnership with @ostifofficial.bsky.social and commissioned by the @sovereign.tech.
Learn more: thephp.foundation/blog/2025/04...
Quarkslab audited PHP-SRC, the open source interpreter of PHP.
The security audit, sponsored by @ostifofficial.bsky.social with funding from @sovereign.tech, aimed at strengthening the project's security ahead of the upcoming PHP 8.4 release.
Here's what we found:
blog.quarkslab.com/security-aud...
The security audit, sponsored by @ostifofficial.bsky.social with funding from @sovereign.tech, aimed at strengthening the project's security ahead of the upcoming PHP 8.4 release.
Here's what we found:
blog.quarkslab.com/security-aud...
Security audit of PHP-SRC
The Open Source Technology Improvement Fund, Inc, thanks to funding provided by Sovereign Tech Fund, engaged with Quarkslab to perform a security audit of PHP-SRC, the interpreter of the PHP language.
blog.quarkslab.com
April 10, 2025 at 3:18 PM
Quarkslab audited PHP-SRC, the open source interpreter of PHP.
The security audit, sponsored by @ostifofficial.bsky.social with funding from @sovereign.tech, aimed at strengthening the project's security ahead of the upcoming PHP 8.4 release.
Here's what we found:
blog.quarkslab.com/security-aud...
The security audit, sponsored by @ostifofficial.bsky.social with funding from @sovereign.tech, aimed at strengthening the project's security ahead of the upcoming PHP 8.4 release.
Here's what we found:
blog.quarkslab.com/security-aud...
There is a small bug in the signature verification of OTA packages in the Android Open Source Framework.
Official builds doing normal double verification of packages are not vulnerable but OEMs and third party apps may be.
Jérémy Jourdois explains it here:
blog.quarkslab.com/aosp_ota_sig...
Official builds doing normal double verification of packages are not vulnerable but OEMs and third party apps may be.
Jérémy Jourdois explains it here:
blog.quarkslab.com/aosp_ota_sig...
A small bug in the signature verification of AOSP OTA packages
A signature verification bypass in a function that verifies the integrity of ZIP archives in the AOSP framework
blog.quarkslab.com
April 8, 2025 at 5:51 PM
There is a small bug in the signature verification of OTA packages in the Android Open Source Framework.
Official builds doing normal double verification of packages are not vulnerable but OEMs and third party apps may be.
Jérémy Jourdois explains it here:
blog.quarkslab.com/aosp_ota_sig...
Official builds doing normal double verification of packages are not vulnerable but OEMs and third party apps may be.
Jérémy Jourdois explains it here:
blog.quarkslab.com/aosp_ota_sig...