Unrated severityNVD Advisory· Published Apr 21, 2011· Updated Jun 16, 2026
CVE-2011-1149
CVE-2011-1149
Description
Android before 2.3 does not properly restrict access to the system property space, which allows local applications to bypass the application sandbox and gain privileges, as demonstrated by psneuter and KillingInTheNameOf, related to the use of Android shared memory (ashmem) and ASHMEM_SET_PROT_MASK.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:o:google:android:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:o:google:android:*:*:*:*:*:*:*:*range: <=2.2.2
- cpe:2.3:o:google:android:1.5:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:1.6:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:2.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:google:android:2.2:rev1:*:*:*:*:*:*
- (no CPE)range: <2.3
- osv-coords3 versionspkg:deb/ubuntu/linux-flo@3.4.0-5.23?arch=source&distro=esm-apps/xenialpkg:deb/ubuntu/linux-goldfish@3.4.0-4.27?arch=source&distro=esm-apps/xenialpkg:deb/ubuntu/linux-mako@3.4.0-7.44?arch=source&distro=esm-apps/xenial
>= 0+ 2 more
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
Patches
Vulnerability mechanics
References
6- github.com/tmzt/g2root-kmod/tree/scotty2/scotty2nvdPatch
- forum.xda-developers.com/wiki/index.phpnvdExploit
- android.git.kernel.orgnvd
- android.git.kernel.orgnvd
- c-skills.blogspot.com/2011/01/adb-trickery-again.htmlnvd
- groups.google.com/group/android-security-discuss/browse_thread/thread/15f97658c88d6827/e86db04652651971nvd
News mentions
0No linked articles in our index yet.