google-project-zero · Crawled Jul 5, 2026

A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave

AI Summary

A 0-click exploit chain targeting the Pixel 9 was demonstrated, leveraging a vulnerability in the BigWave kernel driver accessible from the mediacodec SELinux context. The exploit achieves kernel arbitrary read/write via a use-after-free (UAF) in the BIGO_IOCX_PROCESS ioctl handler, enabling sandbox escape and privilege escalation. The attacker can gain root privileges and disable SELinux, culminating in full device compromise. The exploit was integrated with a Dolby decoder vulnerability to form a complete attack chain.

AI-extracted · verify before operational use

Indicators of Compromise 2 extracted

| Type | Value |
|------|-------|
| IP | arbitrary IP address |
| Filename | shell script |