CVE-2011-1823 — Android Android OS

Android OS Privilege Escalation Vulnerability

Added to KEV

2022-09-08

Federal due date

2022-09-29

Vendor

Android

Product

Android OS

EPSS

97.3th percentile (score 0.383, as of 2026-06-08)

NVD CVSS v3.1

—

Ransomware use

Unknown

Upstream

https://nvd.nist.gov/vuln/detail/CVE-2011-1823

CISA short description

The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is associated with GingerBreak and Exploit.AndroidOS.Lotoor.

Required action

Apply updates per vendor instructions.

EPSS percentile is the FIRST.org exploit-probability ranking as of the date noted above; it moves daily. CVSS reflects NVD's analysis at time of publication.