Pwning Pixel 6 with a leftover patch

Blog post from GitHub

Company: GitHub
Author: Man Yue Mo
Word count: 5,745
Language: English
Summary

In 2023, a critical vulnerability, GHSL-2023-005, in the Arm Mali GPU driver used by the Pixel 6 allowed a malicious app to gain arbitrary kernel code execution and root access, even though the fix had already been published in a 2022 driver release. The root cause was a patch oversight during backporting: part of the upstream fix was left out, leaving a loophole that could be exploited by manipulating JIT memory regions. Because the original change was not flagged as a security fix, the missing part of the patch was not applied promptly, and users remained exposed in the meantime. The vulnerability hinged on the complex handling of JIT memory and GPU address mappings, ultimately allowing unauthorized access to kernel memory. The exploit relied on a race condition during memory allocation, which could be leveraged to gain control over system resources. The problem was quietly addressed in a March 2023 update, but the delay in applying the patch highlights the need for more transparent security patching processes to prevent prolonged exposure to such vulnerabilities.