CVE-2011-1823
Android OS Privilege Escalation Vulnerability
CVSS
—
No CVSS
EPSS
41.6%
p99
KEV
YES
Sep 8, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
Product
Android / Android OS
Vulnerability
Android OS Privilege Escalation Vulnerability
Added to KEV
Sep 8, 2022
Remediate by
Sep 29, 2022
Known ransomware use
No
Summary description
The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is associated with GingerBreak and Exploit.AndroidOS.Lotoor.
Required action
Apply updates per vendor instructions.
Notes
https://android.googlesource.com/platform/system/vold/+/c51920c82463b240e2be0430849837d6fdc5352e; https://nvd.nist.gov/vuln/detail/CVE-2011-1823
No related CVEs by CWE or product.