Sign up to save your podcasts
Or
Share EP26 When AI Features Create Zero-Click Exploits: The Pixel 9 Chain with Seth Jenkins
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
EP26 When AI Features Create Zero-Click Exploits: The Pixel 9 Chain with Seth Jenkins
Mobile security boundaries rely on isolating remote, untrusted inputs from highly privileged system components. However, when new automated features are introduced, the available attack surface can shift—sometimes exposing unexpected code paths to remote attackers.
In the latest episode of Behind the Binary, we sit down with Seth Jenkins from Google Project Zero to dissect a full two-bug, zero-click exploitation chain targeting the Pixel 9. By chaining a user-space decoder flaw with a kernel driver race condition and a kernel ASLR bypass, researchers achieved remote code execution and a device-wide SELinux sandbox escape.
Key takeaways from our technical breakdown:
- The AI Attack Surface Shift: How implementing automatic voice message transcription inadvertently exposed the Dolby audio decoder (EAC3) to remote inputs.
- Defeating Userland ASLR: The mechanics of an integer overflow in user space (CVE-2025-54957) and how a partial pointer overwrite bypassed ASLR.
- Rigging the Race Condition: A look inside the "Big Wave" kernel driver use-after-free (CVE-2025-36934), a single bug that allows an attacker to jump from the mediacodec sandbox to the kernel. .
- The Predictable KASLR Reality: How standard ARM64 linear mapping combined with static bootloader placements negated kernel randomization—allowing two arbitrary writes to escalate privileges to root with SELinux disabled.
Join the Community
- Research Hub: Threat research, training events and news:
https://cloud.google.com/security/flare - The FLARE Insider: Get community updates and announcements. To subscribe, email [email protected]
FOLLOW THE SHOW:
- Subscribe: Apple Podcasts | Spotify | YouTube
View all episodes
By Josh Stroschein
5
66 ratings
Mobile security boundaries rely on isolating remote, untrusted inputs from highly privileged system components. However, when new automated features are introduced, the available attack surface can shift—sometimes exposing unexpected code paths to remote attackers.
In the latest episode of Behind the Binary, we sit down with Seth Jenkins from Google Project Zero to dissect a full two-bug, zero-click exploitation chain targeting the Pixel 9. By chaining a user-space decoder flaw with a kernel driver race condition and a kernel ASLR bypass, researchers achieved remote code execution and a device-wide SELinux sandbox escape.
Key takeaways from our technical breakdown:
- The AI Attack Surface Shift: How implementing automatic voice message transcription inadvertently exposed the Dolby audio decoder (EAC3) to remote inputs.
- Defeating Userland ASLR: The mechanics of an integer overflow in user space (CVE-2025-54957) and how a partial pointer overwrite bypassed ASLR.
- Rigging the Race Condition: A look inside the "Big Wave" kernel driver use-after-free (CVE-2025-36934), a single bug that allows an attacker to jump from the mediacodec sandbox to the kernel. .
- The Predictable KASLR Reality: How standard ARM64 linear mapping combined with static bootloader placements negated kernel randomization—allowing two arbitrary writes to escalate privileges to root with SELinux disabled.
Join the Community
- Research Hub: Threat research, training events and news:
https://cloud.google.com/security/flare - The FLARE Insider: Get community updates and announcements. To subscribe, email [email protected]
FOLLOW THE SHOW:
- Subscribe: Apple Podcasts | Spotify | YouTube