Local Privilege Escalation via /dev/socket/init_runit on Motorola Defy XT with Android 2.3.7

Local Privilege Escalation via /dev/socket/init_runit on Motorola Defy XT with Android 2.3.7

CVE-2013-4777 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/init_runit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object.

Learn more about our Cis Benchmark Audit For Google Android.