Well I assume it would be based on the actual linux kernel which is
CVE for Linux exploits are here:
Linux Kernel version 220.127.116.11 : Security vulnerabilities
then you would just start with that.
I do some pentesting for work and this is usually our process.
On Android though its all about what applies to the kernel/os.
I found a few exploits on 18.104.22.168 but I am trying to backup everything I have before trying them out incase I DOS my phone LOL.