Vulnerabilities > CVE-2011-3918 - Resource Management Errors vulnerability in Google Android
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The Zygote process in Android 4.0.3 and earlier accepts fork requests from processes with arbitrary UIDs, which allows remote attackers to cause a denial of service (reboot loop) via a crafted application.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Android Zygote - Socket Vulnerability Fork bomb Attack. CVE-2011-3918. Dos exploit for android platform |
| id | EDB-ID:28957 |
| last seen | 2016-02-03 |
| modified | 2013-10-14 |
| published | 2013-10-14 |
| reporter | Luca Verderame |
| source | https://www.exploit-db.com/download/28957/ |
| title | Android Zygote - Socket Vulnerability Fork bomb Attack |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/123599/androidzygote-dos.txt |
| id | PACKETSTORM:123599 |
| last seen | 2016-12-05 |
| published | 2013-10-14 |
| reporter | Luca Verderame |
| source | https://packetstormsecurity.com/files/123599/Android-Zygote-Socket-Fork-Bomb.html |
| title | Android Zygote Socket Fork Bomb |
Seebug
| bulletinFamily | exploit |
| description | No description provided by source. |
| id | SSV:82501 |
| last seen | 2017-11-19 |
| modified | 2014-07-01 |
| published | 2014-07-01 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-82501 |
| title | Android Zygote - Socket Vulnerability Fork bomb Attack |
References
- http://www.ai-lab.it/merlo/publications/DoSAndroid.pdf
- https://code.google.com/p/android-source-browsing/source/detail?repo=platform--system--core&r=e7fd911fd42b
- http://www.ai-lab.it/merlo/publications/DoSAndroid.pdf
- https://code.google.com/p/android-source-browsing/source/detail?repo=platform--system--core&r=e7fd911fd42b