Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3918

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2011-3918
Last Modified 03 Aug 2013 03:37:41
Published 07 Oct 2012 11:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-3918

Summary

The Zygote process in Android 4.0.3 and earlier accepts fork requests from processes with arbitrary UIDs, which allows remote attackers to cause a denial of service (reboot loop) via a crafted application.

Vulnerable Systems

Operating System

  • Google Android 1.0

  • Google Android 1.1

  • Google Android 1.5

  • Google Android 1.6

  • Google Android 2.0

  • Google Android 2.0.1

  • Google Android 2.1

  • Google Android 2.2

  • Google Android 2.2.1

  • Google Android 2.2.2

  • Google Android 2.2.3

  • Google Android 2.3

  • Google Android 2.3.1

  • Google Android 2.3.2

  • Google Android 2.3.3

  • Google Android 2.3.4

  • Google Android 2.3.5

  • Google Android 2.3.6

  • Google Android 2.3.7

  • Google Android 3.0

  • Google Android 3.1

  • Google Android 3.2

  • Google Android 3.2.1

  • Google Android 3.2.2

  • Google Android 3.2.4

  • Google Android 3.2.6

  • Google Android 4.0

  • Google Android 4.0.1

  • Google Android 4.0.2

  • Google Android 4.0.3


References

CONFIRM - https://code.google.com/p/android-source-browsing/source/detail?repo=platform--system--core&r=e7fd911fd42b

MISC - http://www.ai-lab.it/merlo/publications/DoSAndroid.pdf


Last Updated: 27 May 2016 11:00:52