Lucene search

[email protected]CVE-2011-1823

HistoryJun 09, 2011 - 10:36 a.m.

CVE-2011-1823

2011-06-0910:36:27

CWE-190

[email protected]

web.nvd.nist.gov

579

In Wild

cve-2011-1823

android

vold

volume manager daemon

pf_netlink socket

arbitrary code execution

root privileges

memory corruption

gingerbreak

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.6%

JSON

The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local users to execute arbitrary code and gain root privileges via a negative index that bypasses a maximum-only signed integer check in the DirectVolume::handlePartitionAdded method, which triggers memory corruption, as demonstrated by Gingerbreak.

Affected configurations

NVD

Node

googleandroidRange2.0–2.3.4

googleandroidMatch3.0

CPENameOperatorVersion
google:androidgoogle androidlt2.3.4
google:androidgoogle androideq3.0

CPE	Name	Operator	Version
google:android	google android	lt	2.3.4
google:android	google android	eq	3.0

References

android.git.kernel.org/?p=platform/system/core.git%3Ba=commit%3Bh=b620a0b1c7ae486e979826200e8e441605b0a5d6

android.git.kernel.org/?p=platform/system/netd.git%3Ba=commit%3Bh=79b579c92afc08ab12c0a5788d61f2dd2934836f

android.git.kernel.org/?p=platform/system/vold.git%3Ba=commit%3Bh=c51920c82463b240e2be0430849837d6fdc5352e

androidcommunity.com/gingerbreak-root-for-gingerbread-app-20110421/

c-skills.blogspot.com/2011/04/yummy-yummy-gingerbreak.html

forum.xda-developers.com/showthread.php?t=1044765

www.androidpolice.com/2011/05/03/google-patches-gingerbreak-exploit-but-dont-worry-we-still-have-root-for-now/

xorl.wordpress.com/2011/04/28/android-vold-mpartminors-signedness-issue/

exchange.xforce.ibmcloud.com/vulnerabilities/67977

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.6%

JSON

Related for CVE-2011-1823

checkpoint_advisories1 cvelist1 attackerkb1 cisa_kev1 nvd1 android1 prion1