{
  "name" : "vold asec",
  "CVE" : [],
  "Coordinated_disclosure" : "true",
  "Categories" : ["system"],
  "Details" : [["Insufficient paramter checking for asec container creation allows an asec container to be mounted over part of the filesystem using directory traversal if the app has the ASEC_* permissions such as ASEC_CREATE","cassidian-vold-asec"],["There is an adb tethered root explot for motorola phones","xda-developers-pie-exploit"]],
  "Severity" : "uncertain",
  "Discovered_by" : [["Justin Case (jcase)", "android-paper"]],
  "Discovered_on" : [],
  "Submission" : [{"by" : "drt24", "on" : "2014-07-16"}, {"by" : "lmrs2", "on" : "2014-06-04"}, {"by" : "lmrs2", "on" : "2015-10-09"}, {"by" : "dcc52", "on" : "2019-07-08"}],
  "Reported_on" : [["2014-06-03", "cassidian-vold-asec"]],
  "Fixed_on" : [["2014-01-27", "vold-asec-patch"]],
  "Fix_released_on" : [["2014-06-02", "android-4.4.3_r1"]],
  "Affected_versions" : [["2.2.1_r1-4.4.2",["vold-asec-implementation","cassidian-vold-asec"]]],
  "Affected_devices" : [["Motorola devices", "xda-developers-pie-exploit"],["Proper SEAndroid policies do block this, Nexus 5, Samsung S4/5/Note3, LG Flex, Sony Z2 devices etc should have this mitigated. Nexus 4 if it hasn't been updated to 4.4.3 nor reset since OTA to 4.4","plus-jcase-pie"]],
  "Affected_versions_regexp" : ["(2\\.((2\\.[1-9])|([3-9]\\.[0-9])))|(3\\.[0-9]\\.[0-9])|(4\\.(([0-3]\\.[0-9])|(4\\.[0-2])))"],
  "Affected_manufacturers" : [["all","vold-asec-implementation"]],
  "Fixed_versions" : [["4.4.3","cassidian-vold-asec"]],
  "references" : {
    "cassidian-vold-asec" : {
      "url" : "http://blog.cassidiancybersecurity.com/post/2014/06/Android-4.4.3,-or-fixing-an-old-local-root"
    },
    "android-4.4.3_r1" : {
      "url" : "https://android.googlesource.com/platform/build/+/android-4.4.3_r1",
      "component" : "platform/build",
      "commit" : "74269416350a45ed40d1ba465db2a843b8feffd6"
    },
    "vold-asec-patch" : {
      "url" : "https://android.googlesource.com/platform/system/vold/+/0de7c61",
      "compoent" : "platform/system/vold",
      "commit" : "0de7c61102611ccd5df1ca48cb733bf037512c6b"
    },
    "xda-developers-pie-exploit" : {
      "url" : "http://forum.xda-developers.com/moto-x/orig-development/root-4-4-x-pie-motorola-devices-t2771623"
    },
    "vold-asec-implementation" : {
      "url" : "https://android.googlesource.com/platform/system/vold/+/a19b250bd273455933ca3502cf2c2e0a803aff77",
      "component" : "platform/system/vold",
      "commit" : "a19b250bd273455933ca3502cf2c2e0a803aff77"
    },
    "plus-jcase-pie" : {
      "url" : "https://plus.google.com/u/0/+JustinCaseAndroid/posts/7BxgPNc7ZJs"
    },
    "android-paper" : {
      "url" : "https://www.researchgate.net/publication/323635885_A_survey_of_Android_exploits_in_the_wild"
    }
  },
  "Surface": ["usb-debug", "local"],
  "Vector": ["daemon-abusing"],
  "Target": ["system-component"],
  "Channel": ["physical-access", "shell"],
  "Condition": ["usb-debug"],
  "Privilege": ["root"]
}