7.8

CVE-2011-1823

Warnung
Medienbericht
Exploit
The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local users to execute arbitrary code and gain root privileges via a negative index that bypasses a maximum-only signed integer check in the DirectVolume::handlePartitionAdded method, which triggers memory corruption, as demonstrated by Gingerbreak.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleAndroid Version >= 2.0 < 2.3.4
GoogleAndroid Version3.0

08.09.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Android OS Privilege Escalation Vulnerability

Schwachstelle

The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is associated with GingerBreak and Exploit.AndroidOS.Lotoor.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 41.63% 0.985
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

http://android.git.kernel.org/?p=platform/system/core.git%3Ba=commit%3Bh=b620a0b1c7ae486e979826200e8e441605b0a5d6
Broken Link
http://android.git.kernel.org/?p=platform/system/netd.git%3Ba=commit%3Bh=79b579c92afc08ab12c0a5788d61f2dd2934836f
Broken Link
http://android.git.kernel.org/?p=platform/system/vold.git%3Ba=commit%3Bh=c51920c82463b240e2be0430849837d6fdc5352e
Broken Link
http://androidcommunity.com/gingerbreak-root-for-gingerbread-app-20110421/
Broken Link
http://c-skills.blogspot.com/2011/04/yummy-yummy-gingerbreak.html
Exploit
Issue Tracking
http://forum.xda-developers.com/showthread.php?t=1044765
Exploit
Issue Tracking
http://www.androidpolice.com/2011/05/03/google-patches-gingerbreak-exploit-but-dont-worry-we-still-have-root-for-now/
Press/Media Coverage
http://xorl.wordpress.com/2011/04/28/android-vold-mpartminors-signedness-issue/
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/67977
Third Party Advisory
VDB Entry
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-1823
US Government Resource