diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml
index 79b0779cdade..e4b1afcc356f 100644
--- a/supply-chain/audits.toml
+++ b/supply-chain/audits.toml
@@ -27,6 +27,17 @@ who = "Mike Hommey <mh+mozilla@glandium.org>"
 criteria = "safe-to-run"
 delta = "1.1.0 -> 1.1.1"
 
+[[audits.ashmem]]
+who = "Matthew Gregan <kinetik@flim.org>"
+criteria = "safe-to-deploy"
+version = "0.1.2"
+notes = """
+Small unsafe wrapper around Android 8.0's ASharedMemory native API that falls
+back to older private ioctl-based API at runtime on earlier OS releases.  The
+shim code is small and doesn't inspect the API arguments, so is unlikely to
+expose any safety issues beyond those presented by the native OS API.
+"""
+
 [[audits.atomic_refcell]]
 who = "Bobby Holley <bholley@mozilla.com>"
 criteria = "safe-to-deploy"
diff --git a/supply-chain/config.toml b/supply-chain/config.toml
index 84b51d2271b8..11563d4e24df 100644
--- a/supply-chain/config.toml
+++ b/supply-chain/config.toml
@@ -197,10 +197,6 @@ criteria = "safe-to-deploy"
 version = "0.37.0+1.3.209"
 criteria = "safe-to-deploy"
 
-[[exemptions.ashmem]]
-version = "0.1.2"
-criteria = "safe-to-deploy"
-
 [[exemptions.askama]]
 version = "0.11.1"
 criteria = "safe-to-deploy"