CVE-2011-1823 - Android OS Privilege Escalation Vulnerability

Vulnerability Name

Android OS Privilege Escalation Vulnerability

Description

The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is associated with GingerBreak and Exploit.AndroidOS.Lotoor.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://android.googlesource.com/platform/system/vold/+/c51920c82463b240e2be0430849837d6fdc5352e

https://nvd.nist.gov/vuln/detail/CVE-2011-1823