EIP-2026-100023

PRE-CVE

Google Android - 'cfp_ropp_new_key_reenc' / 'cfp_ropp_new_key' RKP Memory Corruption

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100023. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit leverages Samsung RKP hypervisor commands to corrupt memory and gain code execution in EL2 by manipulating translation table entries. It exploits improper address validation in RKP commands to write to protected memory regions.

Description

Google Android - 'cfp_ropp_new_key_reenc' / 'cfp_ropp_new_key' RKP Memory Corruption

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosandroid

https://www.exploit-db.com/exploits/41211

View Code ZIP pw:eip

This exploit leverages Samsung RKP hypervisor commands to corrupt memory and gain code execution in EL2 by manipulating translation table entries. It exploits improper address validation in RKP commands to write to protected memory regions.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Complex

Reliability

Reliable

Target: Samsung RKP (Real-time Kernel Protection) hypervisor

Auth required

Prerequisites: Code execution in EL1 · Knowledge of RKP memory layout

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026