CVE-2011-1149

Name of the Vulnerable Software and Affected Versions Android versions prior to 2.3

Description The issue allows local applications to bypass the application sandbox and gain privileges due to improper access restriction to the system property space. This is related to the use of Android shared memory (ashmem) and ASHMEM SET PROT MASK.

Recommendations For Android versions prior to 2.3, consider restricting access to the system property space to prevent local applications from bypassing the application sandbox and gaining privileges. As a temporary workaround, consider disabling the use of ashmem and ASHMEM SET PROT MASK until a patch is available.