You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Newer basebands have protection against memory dumping through a mysterious TBL structure in the bootload. I suspect this is from TrustZone or SBOOT as I can't see any reference to it in the kernel sources. A field in this TBL structure is read by the modem bootloader when entering into dump magic mode. This field describes the security state of the device and if unlocked, a dump of the modem cannot be made ever again (at least without a trustzone exploit or bootloader exploit). Investigate the data that CBD can send to the modem bootloader. Can it influence its operation?
The text was updated successfully, but these errors were encountered:
Newer basebands have protection against memory dumping through a mysterious TBL structure in the bootload. I suspect this is from TrustZone or SBOOT as I can't see any reference to it in the kernel sources. A field in this TBL structure is read by the modem bootloader when entering into dump magic mode. This field describes the security state of the device and if unlocked, a dump of the modem cannot be made ever again (at least without a trustzone exploit or bootloader exploit). Investigate the data that CBD can send to the modem bootloader. Can it influence its operation?
The text was updated successfully, but these errors were encountered: