Android before 2.3 does not properly restrict access to the system property space, which allows local applications to bypass the application sandbox and gain privileges, as demonstrated by psneuter and KillingInTheNameOf, related to the use of Android shared memory (ashmem) and ASHMEM_SET_PROT_MASK.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:25
Type | Values Removed | Values Added |
---|---|---|
References | () http://android.git.kernel.org/?p=kernel/common.git%3Ba=commit%3Bh=c98a285075f26e2b17a5baa2cb3eb6356a75597e - | |
References | () http://android.git.kernel.org/?p=platform/system/core.git%3Ba=commit%3Bh=25b15be9120bcdaa0aba622c67ad2c835d9e91ca - | |
References | () http://c-skills.blogspot.com/2011/01/adb-trickery-again.html - | |
References | () http://forum.xda-developers.com/wiki/index.php?title=HTC_Vision#Rooting_the_G2 - Exploit | |
References | () http://groups.google.com/group/android-security-discuss/browse_thread/thread/15f97658c88d6827/e86db04652651971?show_docid=e86db04652651971 - | |
References | () https://github.com/tmzt/g2root-kmod/tree/scotty2/scotty2 - Patch |
Information
Published : 2011-04-21 10:55
Updated : 2024-11-21 01:25
NVD link : CVE-2011-1149
Mitre link : CVE-2011-1149
CVE.ORG link : CVE-2011-1149
JSON object : View
Products Affected
- android
CWE
CWE-264
Permissions, Privileges, and Access Controls