Damus
GrapheneOS · 2w
We'll be moving this kind of content to our forum soon where we can write more about it and use proper formatting including headers and relevant inline images. We haven't moved to the new approach yet...
AOSP also doesn't permit setuid or setgid binaries which was the chosen attack vector for exploiting it in the proof of concept exploit. It similarly doesn't permit io_uring, user namespaces and a lot of other functionality outside of a few core processes for security reasons.
GrapheneOS · 2w
Standard Android GKI kernels also have the userspace API for Linux kernel crypto disabled including CONFIG_CRYPTO_USER_API_AEAD being unset. Many Android vendors enable a lot more functionality in the kernels but probably haven't had an actual reason to enable this functionality.
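An added example, not part of the thread and not GrapheneOS code: a way to audit a kernel for the userspace crypto API mentioned above, both from its build config and from what the current process can reach at runtime. The function names and the sample config are constructed for illustration; the `CONFIG_CRYPTO_USER_API*` symbols are the mainline Kconfig names for the AF_ALG socket interface.

```python
import errno
import re
import socket

# Mainline Kconfig symbols for the AF_ALG userspace crypto interface.
SYMBOLS = tuple("CONFIG_CRYPTO_USER_API" + s
                for s in ("", "_HASH", "_SKCIPHER", "_RNG", "_AEAD"))

# Constructed sample, not taken from any real device or GKI build.
SAMPLE_CONFIG = """\
CONFIG_CRYPTO=y
CONFIG_CRYPTO_USER_API=m
CONFIG_CRYPTO_USER_API_HASH=m
# CONFIG_CRYPTO_USER_API_AEAD is not set
"""

_LINE = re.compile(r"^(?:(CONFIG_\w+)=(\S+)|# (CONFIG_\w+) is not set)$")


def crypto_user_api_state(config_text):
    """Map each symbol to 'y', 'm' or 'unset' from kernel .config text."""
    state = dict.fromkeys(SYMBOLS, "unset")  # a missing symbol is unset too
    for line in config_text.splitlines():
        m = _LINE.match(line.strip())
        if not m:
            continue
        name = m.group(1) or m.group(3)
        if name in state:
            state[name] = m.group(2) or "unset"
    return state


def probe_af_alg_aead(alg="gcm(aes)"):
    """Can this process bind an AF_ALG 'aead' socket right now?

    Note: on kernels that build the interface as a module, the bind may
    trigger a module autoload.
    """
    family = getattr(socket, "AF_ALG", None)  # Linux-only constant
    if family is None:
        return "unsupported-platform"
    try:
        with socket.socket(family, socket.SOCK_SEQPACKET, 0) as s:
            s.bind(("aead", alg))
        return "reachable"
    except OSError as exc:
        # EACCES/EPERM: blocked by policy (e.g. SELinux); anything else:
        # the family or algorithm type is not available in this kernel.
        denied = exc.errno in (errno.EACCES, errno.EPERM)
        return "denied-by-policy" if denied else "unavailable"
```

Feed `crypto_user_api_state` the text of a kernel `.config` (or a decompressed `/proc/config.gz` where the kernel exposes it); the runtime probe reflects only the process it runs in, so a result from a shell does not speak for a sandboxed app.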