Akastealth

**Name of the Vulnerable Software and Affected Versions** Android versions prior to 2.3.4 Android version 3.0 **Description** The issue allows local users to execute arbitrary code and gain root privileges via a negative index that bypasses a maximum-only signed integer check in the `DirectVolume::handlePartitionAdded` method, which triggers memory corruption. This is demonstrated by Gingerbreak, where the `vold` volume manager daemon trusts messages received from a `PF NETLINK` socket. **Recommendations** For Android versions prior to 2.3.4, update to version 2.3.4 or later to resolve the issue. For Android version 3.0, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `vold` volume manager daemon to minimize the risk of exploitation.