It's CVE-2011-1823.

The Android "vold" daemon improperly trusts messages received via a PF_NETLINK socket, resulting in a buffer underflow and elevated privileges, as demonstrated by the "GingerBreak" exploit.

Patches:
* http://android.git.kernel.org/?p=platform/system/core.git;a=commit;h=b620a0b1c7ae486e979826200e8e441605b0a5d6
* http://android.git.kernel.org/?p=platform/system/vold.git;a=commit;h=c51920c82463b240e2be0430849837d6fdc5352e
* http://android.git.kernel.org/?p=platform/system/netd.git;a=commit;h=79b579c92afc08ab12c0a5788d61f2dd2934836f

Misc:
* http://c-skills.blogspot.com/2011/04/yummy-yummy-gingerbreak.html
* http://forum.xda-developers.com/showthread.php?t=1044765
* http://stealth.openwall.net/xSports/GingerBreak.tgz

--
Nick

On Fri, May 6, 2011 at 3:54 PM, Jacob <[email protected]> wrote:
>
> android-security-discuss,
>
> My Nexus S has been prompted to OTA from 2.3.3 to 2.3.4. The note on
> my phone mentions an 'important security fix'. Are there any details
> on what this fix is? Any particular reason why the security fix isn't
> listed on:
> http://www.google.com/support/forum/p/Google+Mobile/thread?tid=3812c1acf93b482f&hl=en
> ?
>
> Thanks,
>
> Jacob
>
> --
> You received this message because you are subscribed to the Google Groups
> "Android Security Discussions" group.
> To post to this group, send email to
> [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/android-security-discuss?hl=en.
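Added example, not part of the original message and not the code of the Android patches linked above: a general way for a Linux netlink listener to reject datagrams that did not come from the kernel and to bounds-check an index taken from a message before using it. The names `uevent_from_kernel`, `record_partition`, `check_sample` and `struct sender_cred` are hypothetical, and the credential check assumes the receiving socket has `SO_PASSCRED` enabled.

```c
#include <stdbool.h>
#include <string.h>
#include <sys/socket.h>
#include <linux/netlink.h>
#ifndef SCM_CREDENTIALS
#define SCM_CREDENTIALS 0x02    /* Linux value, in case libc hides it */
#endif
struct sender_cred { pid_t pid; uid_t uid; gid_t gid; }; /* struct ucred layout */

/* True only for kernel-sent datagrams: port id 0, SO_PASSCRED creds uid 0. */
bool uevent_from_kernel(struct msghdr *msg)
{
    const struct sockaddr_nl *src = msg->msg_name;
    if (!src || msg->msg_namelen < sizeof *src || src->nl_pid != 0)
        return false;
    for (struct cmsghdr *c = CMSG_FIRSTHDR(msg); c; c = CMSG_NXTHDR(msg, c)) {
        struct sender_cred cred;
        if (c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_CREDENTIALS ||
            c->cmsg_len < CMSG_LEN(sizeof cred))
            continue;
        memcpy(&cred, CMSG_DATA(c), sizeof cred);
        return cred.uid == 0;
    }
    return false;               /* no credentials attached: reject */
}

/* Use a message-supplied index only after checking both bounds. */
bool record_partition(int *table, long slots, long part_num, int minor)
{
    if (part_num < 1 || part_num > slots)
        return false;
    table[part_num - 1] = minor;
    return true;
}

/* Constructed sample message with the given sender port id and uid. */
bool check_sample(unsigned port_id, uid_t uid)
{
    union { struct cmsghdr hdr; char buf[CMSG_SPACE(sizeof(struct sender_cred))]; } ctl;
    struct sockaddr_nl src = { .nl_family = AF_NETLINK, .nl_pid = port_id };
    struct sender_cred cred = { .pid = 0, .uid = uid, .gid = 0 };
    struct msghdr msg = { .msg_name = &src, .msg_namelen = sizeof src,
                          .msg_control = ctl.buf, .msg_controllen = sizeof ctl.buf };
    memset(&ctl, 0, sizeof ctl);
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_CREDENTIALS;
    c->cmsg_len = CMSG_LEN(sizeof cred);
    memcpy(CMSG_DATA(c), &cred, sizeof cred);
    return uevent_from_kernel(&msg);
}
```

In a real listener the `msghdr` passed to `uevent_from_kernel` is the one filled in by `recvmsg()`, and the message body is parsed only after the check returns true.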
