CVE-2011-1823 — Android OS Privilege Escalation Vulnerability
2022-09-08 • CISA Known Exploited Vulnerability
[event] The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is associated with GingerBreak and Exploit.AndroidOS.Lotoor.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Android |
| Product | Android OS |
| CWE | CWE-189 |
| CVE ID | CVE-2011-1823 |
| Date Added | 2022-09-08 |
| Due Date | 2022-09-29 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-09-29