Log inOpen app
Andrey Konovalov
1,521 posts
user avatar
Andrey Konovalov
@andreyknvl
Security engineer at xairy.io. Focusing on the Linux kernel. Maintaining @linkersec. Trainings at xairy.io/trainings.
xairy.io
Joined February 2014
865
Following
7,486
Followers
RepliesRepliesMediaMedia
user avatar
@andreyknvl

See Andrey Konovalov’s full profile

Open X

New to X?

Sign up now to get your own personalized timeline!

Create account

By signing up, you agree to the Terms of Service and Privacy Policy, including Cookie Use.

Terms·Privacy·Cookies·Accessibility·Ads Info·© 2026 X Corp.
Don't miss what's happening
People on X are the first to know.
Log inSign up
  • Pinned
    user avatar
    Andrey Konovalov
    @andreyknvl
    May 27
    Gonna be teaching Exploiting the Linux Kernel training at RomHack in Rome on September 28 — October 1st. Last planned session of this training for the year. Early Bird discount until the end of the week.
    user avatar
    Cyber Saiyan | RomHack Conference, Training, Camp
    @cybersaiyanIT
    Mar 2
    RomHack Training registration is officially open. Join us in Rome from September 28 to October 1 for six intensive technical tracks led by industry experts: Full details and registration: romhack.training #RomHack2026 #RomHackTraining
    2
    28
    3.5K
  • user avatar
    Andrey Konovalov
    @andreyknvl
    Aug 18, 2022
    WTF, @github is planning to ban me. No idea why. Hosting proof-of-concept code? Having given talks at Russian conferences? Holding a Russian passport (even though I've been a German resident for last 6 years)? No meaningful explanation given. Any good decentralized githubs yet?
    63
    150
    843
  • user avatar
    Andrey Konovalov
    @andreyknvl
    May 2, 2022
    Wrote an article about #fuzzing the Linux kernel network stack externally with #syzkaller. The article covers: 🧰 Introduction to syzkaller 💉 Using TUN/TAP for packet injection 👽 Integrating TUN/TAP via pseudo-syscalls 🏆 Showcases of found bugs
    🔍 Looking for Remote Code Execution bugs in the Linux kernel
    From xairy.io
    5
    244
    674
  • user avatar
    Andrey Konovalov
    @andreyknvl
    Feb 22, 2024
    Wrote an article about turning a ThinkPad X1 Carbon 6th Gen laptop into a programmable USB device by enabling the xDCI controller 😯 Now I can emulate USB devices from the laptop without external hardware, including via Raw Gadget or even Facedancer 😁
    xairy.io
    🤫 Unlocking secret ThinkPad functionality for emulating USB devices
    Enabling and using xDCI controller on ThinkPad X1 Carbon 6th Gen
    8
    177
    598
    54K
  • user avatar
    Andrey Konovalov
    @andreyknvl
    Aug 13, 2017
    Linux kernel local root exploit for CVE-2017-1000112 github.com/xairy/kernel-e…
    2
    343
    486
  • user avatar
    Andrey Konovalov
    @andreyknvl
    Sep 30, 2021
    Memory tagging is coming to kill all of your favorite Linux kernel exploits. I'll be premiering my "Mitigating Linux kernel memory corruptions with Arm Memory Tagging" LSS talk on YouTube in 24 hours. Please join in! I'll be in chat to answer questions. youtube.com/watch?v=UwMt0e…
    6
    109
    486
  • user avatar
    Andrey Konovalov
    @andreyknvl
    Jul 28, 2025
    Documented instructions for setting up KGDB on Pixel 8. Including getting kernel log over UART via USB-Cereal, building/flashing custom kernel, breaking into KGDB via /proc/sysrq-trigger or by sending SysRq-G over serial, dealing with watchdogs, etc.
    📲 Debugging the Pixel 8 kernel via KGDB
    From xairy.io
    5
    144
    462
    35K
  • user avatar
    Andrey Konovalov
    @andreyknvl
    Feb 28, 2025
    Looks like we have a confirmation that Cellebrite uses memory corruptions in Linux kernel USB drivers to unlock Android phones. First 2 bugs seem easily discoverable by syzkaller/syzbot with a bit of extra descriptions. 3rd one is likely as well ⤵️
    user avatar
    GrapheneOS
    @GrapheneOS
    Feb 28, 2025
    securitylab.amnesty.org/latest/2025/02… Amnesty International’s Security Lab has a post about 3 vulnerabilities exploited by Cellebrite to extract data from locked Android devices. GrapheneOS blocked exploiting these vulnerabilities in multiple different ways. We also patched them much earlier.
    6
    80
    400
    109K
  • user avatar
    Andrey Konovalov
    @andreyknvl
    Nov 11, 2024
    Getting made fun of because you cover laptop webcam with a sticker? 😭 Here are materials from my talk about controlling ThinkPad X230 webcam LED over USB presented at POC by @POC_Crew 😎 Use these as a comeback 😁 Slides: docs.google.com/presentation/d… Code: github.com/xairy/lights-o…
    9
    136
    394
    51K
  • user avatar
    Andrey Konovalov
    @andreyknvl
    Feb 15, 2019
    Slides for my "Coverage-guided USB Fuzzing with Syzkaller" talk @offensive_con
    docs.google.com
    2019, OffensiveCon: Coverage-Guided USB Fuzzing with Syzkaller
    Coverage-Guided USB Fuzzing with Syzkaller Andrey Konovalov OffensiveCon February 15th 2019
    3
    138
    303
  • user avatar
    Andrey Konovalov
    @andreyknvl
    Sep 16, 2022
    Slides for "Sanitizing the Linux kernel: On KASAN and other Dynamic Bug-finding Tools", the talk I just gave at Linux Security Summit Europe 2022. Covers: 🐧 Generic KASAN implementation 🔥 Other Sanitizers 🗡 Extending KASAN and KMSAN to find more bugs docs.google.com/presentation/d…
    7
    75
    255
  • user avatar
    Andrey Konovalov
    @andreyknvl
    May 10, 2019
    A set of Linux binary exploitation tasks for beginners for various architectures (x86, x86-64, arm, arm64, mips, mips64, ppc, ppc64, sparc64 on the way):
    GitHub - xairy/easy-linux-pwn: A set of Linux binary exploitation tasks for beginners on various...
    From github.com
    1
    122
    256
  • user avatar
    Andrey Konovalov
    @andreyknvl
    Sep 4, 2019
    A Linux kernel CTF task that relies on a double-fetch/data-race introduced by the compiler for exploitation:
    rpis.ec
    TokyoWesterns CTF 2019 - gnote
    I found this challenge from TokyoWesterns CTF to be especially interesting and refreshing. The format is that of a standard Linux kernel challenge: we are provided with a kernel image, filesystem,...
    4
    96
    249
  • user avatar
    Andrey Konovalov
    @andreyknvl
    Sep 17, 2024
    Slides and recording from my "SLUB Internals for Exploit Developers" talk at @LinuxSecSummit yesterday 🥳 Slides: docs.google.com/presentation/d… Slides PDF: static.sched.com/hosted_files/l… Recording: youtu.be/WWQh4yAoXME?t=…
    user avatar
    Andrey Konovalov
    @andreyknvl
    Sep 11, 2024
    Gonna be giving a talk "SLUB Internals for Exploit Developers" at @LinuxSecSummit next week. Plan to cover the basics one needs to know before writing exploits for slab bugs; slides coming along 😁 Also gonna stay around for @linuxplumbers. lsseu2024.sched.com/event/1ebVN
    2
    79
    255
    33K