Details: Android before 2.3 does not properly restrict access to the system property space, which allows local applications to bypass the application sandbox and gain privileges. [citation-needed]
Details: udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. [CVE-2009-1185]
Details: adb does not check the return code of setuid, and the call can be made to fail when the shell user already has RLIMIT_NPROC processes. [citation-needed]
Details: WebKit does not properly validate floating-point data in Android versions prior to 2.2, which allows remote arbitrary code execution through a crafted HTML page. [webkit-use-after-free-mitre]
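
The adb entry above turns on an ignored setuid return value. The following C program is an added example, not code from adb or from this page, contrasting that pattern with a checked privilege drop. The names `setuid_fn`, `setuid_eagain`, `running_as`, `drop_unchecked` and `drop_checked` are hypothetical, and the failing call is a constructed stand-in so the program runs without privileges.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

typedef int (*setuid_fn)(uid_t);   /* hypothetical hook so the failure can be simulated */

/* Constructed stand-in: setuid() failing with EAGAIN, the error setuid(2)
 * documents for a target user already at RLIMIT_NPROC (older Linux kernels). */
static int setuid_eagain(uid_t uid) { (void)uid; errno = EAGAIN; return -1; }

/* 1 only if both real and effective uid equal the expected uid. */
static int running_as(uid_t uid) { return getuid() == uid && geteuid() == uid; }

/* Pattern from the adb entry: result ignored, caller told all is well. */
static int drop_unchecked(uid_t uid, setuid_fn do_setuid) {
    do_setuid(uid);
    return 0;
}

/* Checked form: fail closed on error, then confirm the identity changed. */
static int drop_checked(uid_t uid, setuid_fn do_setuid) {
    if (do_setuid(uid) != 0) {
        perror("setuid");
        return -1;
    }
    return running_as(uid) ? 0 : -1;
}

int main(void) {
    uid_t self = getuid();      /* reachable without privilege */
    uid_t other = self + 1;     /* constructed target the stub never reaches */

    printf("unchecked, failing setuid: rc=%d running_as_target=%d\n",
           drop_unchecked(other, setuid_eagain), running_as(other));
    printf("checked,   failing setuid: rc=%d\n", drop_checked(other, setuid_eagain));
    printf("checked,   real setuid:    rc=%d\n", drop_checked(self, setuid));
    /* A caller must exit, not continue, when drop_checked returns -1. */
    return 0;
}
```

A real privilege drop also sheds supplementary groups and the gid (setgroups, setgid) before calling setuid; those steps are left out here to keep the focus on the return-code check.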