Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1352

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2011-1352
Last Modified 08 Feb 2013 12:00:00
Published 05 Feb 2013 10:55:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1352

Summary

The PowerVR SGX driver in Android before 2.3.6 allows attackers to gain root privileges via an application that triggers kernel memory corruption using crafted user data to the pvrsrvkm device.

Vulnerable Systems

Operating System

  • Google Android 1.0

  • Google Android 1.1

  • Google Android 1.5

  • Google Android 1.6

  • Google Android 2.0

  • Google Android 2.0.1

  • Google Android 2.1

  • Google Android 2.2

  • Google Android 2.2.1

  • Google Android 2.2.2

  • Google Android 2.2.3

  • Google Android 2.3

  • Google Android 2.3.1

  • Google Android 2.3.2

  • Google Android 2.3.3

  • Google Android 2.3.4

  • Google Android 2.3.5


References

MISC - http://jon.oberheide.org/files/levitator.c

CONFIRM - http://code.google.com/p/android/issues/detail?id=21523


Last Updated: 27 May 2016 10:56:40