THREATOPS
THREAT OPSThreat News › A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave

A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave

lowproject_zeroPublished 2026-01-14

<p>With the advent of a potential Dolby Unified Decoder RCE exploit, it seemed prudent to see what kind of Linux kernel drivers might be accessible from the resulting userland context, the <code class="language-plaintext highlighter-rouge">mediacodec</code> context. <a href="https://source.android.com/docs/core/media/framework-hardening?authuser=1#mediacodecservice_changes">As per the AOSP documen

Attributed threat actors

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://projectzero.google/2026/01/pixel-0-click-part-2.html