Mangkhut exploit chain

Researcher Name: Xiaodong Wang, Hongli Han, Peng Zhou, Guang Gong

Link: https://www.blackhat.com/us-21/briefings/schedule/index.html#typhoon-mangkhut-one-click-remote-universal-root-formed-with-two-vulnerabilities-22946

CVE: CVE-2020-0423

The Binder vulnerability is a UAF vulnerability of the Binder driver, including but not limited to Android 9/Android 10/Android 11 preview. A series of methods bypass the sandbox restrictions and get stable arbitrary read/write in kernel space to achieve local privilege escalation within the sandbox.