Comment by staticassertion
8 hours ago
The specific exploit payload for the POC relies on a su binary. The vuln is ambivalent and other non-su paths will exist.
8 hours ago
The specific exploit payload for the POC relies on a su binary. The vuln is ambivalent and other non-su paths will exist.
Of course, but it does not matter as the entire AF_ALG module is forbidden by SELinux anyway (on Android).
That's fine and a very separate reason why it would not be exploitable, also assuming that the module is not just compiled in since then loading it would be irrelevant.