01linuxpenguinshoot100567197orig
Security

Linux zero-day affects most Androids, millions of Linux PCs

A new zero-day vulnerability has been discovered that allows Android or Linux applications to escalate privileges and gain root access, according to a report released this morning by Perception Point.

"This affects all Android phones KitKat and higher," said Yevgeny Pats, co-founder and CEO at security vendor Perception Point.

Any machine with Linux Kernel 3.8 or higher is vulnerable, he said, including tens of millions of Linux PCs and servers, both 32-bit and 64-bit. Although Linux lags in popularity on the desktop, the operating system dominates the Internet, mobile, embedded systems and the Internet of Things, and powers nearly all of the world's supercomputers.

Using this vulnerability, attackers are able to delete files, view private information, and install unwanted programs.

According to Pats, this vulnerability has existed in the Linux kernel since 2012.

Pats said that the Linux team has been notified, and patches should be available and pushed out soon to devices with automatic updates. Perception Point has also created proof of concept code that exploits this vulnerability to gain root access.

So far, Pats said, no exploits have been observed in the wild that take advantage of this vulnerability.

That may change, however, as news of the vulnerability spreads and some devices take longer to be patched than others.

"We recommend that security teams examine potentially affected devices and implement patches as soon as possible," the company said.

According to Pats, the vulnerability is related to the keyrings facility, a way for drivers to save security data, authentication keys, and encryption keys in the kernel.

The new keyrings vulnerability is currently known only by its identification number, CVE-2016-0728.

The new vulnerability disclosure comes on the heels of of a whole batch of Android vulnerabilities that Google fixed just last week, including several kernel privilege escalation vulnerabilities. Five of the critical vulnerabilities patched were related to bugs in the kernel drivers or the kernel itself.

Google does not allow applications that root Android devices to be distributed through the Google Play store, but some slip through the vetting process -- or are downloaded through unofficial app stores. Some users deliberately root their phones in order to gain capabilities not typically available on Android.

IDG Insider

PREVIOUS ARTICLE

« Report: Cybersecurity pros losing confidence

NEXT ARTICLE

Anonymous employee feedback tells only part of the story »
author_image
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail

Recommended for You

20 Red-Hot, Pre-IPO companies to watch in 2019 B2B tech - Part 1

Martin Veitch's inside track on today’s tech trends

Training and certification for a cloud native world

Keri Allan looks at the latest trends and technologies

Unicorns are running free in the UK but Brexit poses a tough challenge

Trevor Clawson on the outlook for UK Tech startups

Poll

Do you think your smartphone is making you a workaholic?