Last I checked, Unrevoked was using two different exploits: The first exploit is the zygote rageagainstthecage exploit, which you previously asked about in http://groups.google.com/group/android-security-discuss/browse_thread/thread/1ba8724fb2d4e9bb. Patches are available in that message.
The second exploit is the adb rageagainstthecage exploit. Froyo (Android 2.2) patch: http://android.git.kernel.org/?p=platform/system/core.git;a=commit;h=2ad6067ce491446ab22f59a363d36575a942f5c7 Gingerbread (Android 2.3) patch: http://android.git.kernel.org/?p=platform/system/core.git;a=commit;h=44db990d3a4ce0edbdd16fa7ac20693ef601b723 I don't believe unrevoked uses the "exploid" attack (commonly but incorrectly known as CVE-2009-1185). -- Nick On Wed, Apr 13, 2011 at 6:05 AM, Pandit <[email protected]> wrote: > I would like to understand more about "Unrovked". Is there any patch > from Android to prevent this or the exploitation is based on platform > specific implementation? From what I have learned so far the exploit > is based on CVE-2011-0727 which was reported only recently but > "Unrevoked" has been around for a while now. Please let me know if > there is any patch for this. > > Thank you, > -Pandit > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
