Ashmembrk.A

May 17, 2025

AppRisk Coverage: Yes
Type: Exploit
OWASP: M4: Unintended Data Leakage
Aliases:

CVE-2011-1149

Platform: Android
File size (bytes):
Filename:
App title:
MD5 Hash:
SHA1 hash:
Affected CVE:

CVE-2011-1149

Details or analysis:

This exploits CVE-2011-1149 to get root privilege via neutering the Android property service.

Android versions prior to 2.3 do not properly restrict access to the system property space, which allows local applications to bypass the application sandbox and gain privileges. Related to the use of Android shared memory (ashmem) and ASHMEM_SET_PROT_MASK.

Reference:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1149
http://cve.scap.org.cn/CVE-2011-1149.html
http://c-skills.blogspot.com/2011/01/adb-trickery-again.html

Security

Ashmembrk.A

NewSky Security

Links

Get In Touch