How about SELinux, like on Android?
selinux on enforcement mode did not mitigate the exploit when I tested today on fedora coreos :(
To even get the su binary on Android you have to patch the OS. So this exploit can't work on Android. Because there is no su binary to target.
Update: Just tried it on Termux and as expected even creating an AF_ALG socket requires root access.
The specific exploit payload for the POC relies on a su binary. The vuln is ambivalent and other non-su paths will exist.
Of course, but it does not matter as the entire AF_ALG module is forbidden by SELinux anyway (on Android).
I assume that wouldn't help here but I could easily be wrong. (Assuming if you're asking if SELinux would block this exploit).
selinux on enforcement mode did not mitigate the exploit when I tested today on fedora coreos :(
To even get the su binary on Android you have to patch the OS. So this exploit can't work on Android. Because there is no su binary to target.
Update: Just tried it on Termux and as expected even creating an AF_ALG socket requires root access.
The specific exploit payload for the POC relies on a su binary. The vuln is ambivalent and other non-su paths will exist.
Of course, but it does not matter as the entire AF_ALG module is forbidden by SELinux anyway (on Android).
I assume that wouldn't help here but I could easily be wrong. (Assuming if you're asking if SELinux would block this exploit).