• A 0-click exploit chain for the Pixel 9 (Project Zero)

    From LWN.net@1337:1/100 to All on Fri Jan 16 00:15:08 2026
    A 0-click exploit chain for the Pixel 9 (Project Zero)

    Date:
    Fri, 16 Jan 2026 00:04:38 +0000

    Description:
    The Project Zero blog has a three-part series describing a working,
    zero-click exploit for Pixel 9 devices.

    Over the past few years, several AI-powered features have been
    added to mobile phones that allow users to better search and
    understand their messages. One effect of this change is increased
    0-click attack surface, as efficient analysis often requires
    message media to be decoded before the message is opened by the
    user. One such feature is audio transcription. Incoming SMS and RCS
    audio attachments received by Google Messages are now automatically
    decoded with no user interaction. As a result, audio decoders are
    now in the 0-click attack surface of most Android phones.

    The blog entry does not question the wisdom of directly exposing audio
    decoders to external attackers, but it does provide a lot of detail showing
    how it can go wrong. The first part looks at compromising the codec; part
    two extends the exploit to the kernel, and part
    three looks at the implications:

    It is alarming that it took 139 days for a vulnerability
    exploitable in a 0-click context to get patched on any Android
    device, and it took Pixel 54 days longer. The vulnerability was
    public for 82 days before it was patched by Pixel.

    ======================================================================
    Link to news story:
    https://lwn.net/Articles/1054547/


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)