AndroidVulnerabilities.org

RageAgainstTheCage adb

(json)

• CVE numbers: CVE-2010-EASY [intrepidus-looking-at-c-skills][archived]
• Coordinated disclosure?: false
• Categories: system
• Details: adb fails to check setuid return code and this can be caused to fail by the shell user already having RLIMIT_NPROC processes. [citation-needed]
• Discovered by: Sebastian Krahmer [thesnkchrmr-ratc][archived] on: 2010-08-21 [c-skills-droid2][archived]
• Reported on: Unknown
• Fixed on: 2010-08-27 [rageagainstthecage-adb-patch]
• Fix released on: Unknown
• Affected versions: 1.6_r1-2.2_r1 [adb-setuid-bug-patch] regex: (1.[6-9].[0-9])|(2.((1.[0-9])|(2.0)))
• Affected devices: Droid2, backflip and evo [c-skills-droid2][archived]
• Affected manufacturers: all [rageagainstthecage-adb-patch]
• Fixed versions: 2.2.2 and greater [android-security-2010-EASY-patches][archived], 2.2_r8, 2.3_r1 [rageagainstthecage-adb-patch]
• Submission: by: Daniel R. Thomas, on: 2013-09-05