CVE Vulnerabilities

CVE-2011-3918

Published: Oct 07, 2012 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

The Zygote process in Android 4.0.3 and earlier accepts fork requests from processes with arbitrary UIDs, which allows remote attackers to cause a denial of service (reboot loop) via a crafted application.

Affected Software

Name Vendor Start Version End Version
Android Google * 4.0.3 (including)
Android Google 1.0 (including) 1.0 (including)
Android Google 1.1 (including) 1.1 (including)
Android Google 1.5 (including) 1.5 (including)
Android Google 1.6 (including) 1.6 (including)
Android Google 2.0 (including) 2.0 (including)
Android Google 2.0.1 (including) 2.0.1 (including)
Android Google 2.1 (including) 2.1 (including)
Android Google 2.2 (including) 2.2 (including)
Android Google 2.2-rev1 (including) 2.2-rev1 (including)
Android Google 2.2.1 (including) 2.2.1 (including)
Android Google 2.2.2 (including) 2.2.2 (including)
Android Google 2.2.3 (including) 2.2.3 (including)
Android Google 2.3 (including) 2.3 (including)
Android Google 2.3-rev1 (including) 2.3-rev1 (including)
Android Google 2.3.1 (including) 2.3.1 (including)
Android Google 2.3.2 (including) 2.3.2 (including)
Android Google 2.3.3 (including) 2.3.3 (including)
Android Google 2.3.4 (including) 2.3.4 (including)
Android Google 2.3.5 (including) 2.3.5 (including)
Android Google 2.3.6 (including) 2.3.6 (including)
Android Google 2.3.7 (including) 2.3.7 (including)
Android Google 3.0 (including) 3.0 (including)
Android Google 3.1 (including) 3.1 (including)
Android Google 3.2 (including) 3.2 (including)
Android Google 3.2.1 (including) 3.2.1 (including)
Android Google 3.2.2 (including) 3.2.2 (including)
Android Google 3.2.4 (including) 3.2.4 (including)
Android Google 3.2.6 (including) 3.2.6 (including)
Android Google 4.0 (including) 4.0 (including)
Android Google 4.0.1 (including) 4.0.1 (including)
Android Google 4.0.2 (including) 4.0.2 (including)

References