[~]mobilehackerforhire$ hire --now
    cd ../exploit-db
    root@mhfh:~#cat /var/db/exploits/CVE-2023-21492.json
    exploits/CVE-2023-21492.md
    CVE-2023-21492AndroidInfoLeakMedium

    Samsung kernel pointer leak

    affected
    Samsung ≤13
    disclosed
    2023-05-09
    discovered
    2023-01-17
    patched
    May 2023 SMR
    author
    Samsung Mobile
    platform
    Android

    ## description

    Kernel pointers logged to dmesg by a Samsung-specific driver, defeating KASLR. Used by commercial spyware as part of an LPE chain.

    ## impact

    KASLR bypass. Pre-condition for kernel exploitation.

    ## mitigation

    Apply Samsung May 2023 SMR patch.

    ## proof of concept

    # Tail dmesg after triggering driver path
dmesg | grep -E '0x[ff]{4}[0-9a-f]{12}'

    ## downloads

    samsung-kleak.sh
    Leak harness
    1.2 KB

    ## references