
Bug in Linux kernel reportedly leaves 66% of Android devices vulnerable; Google responds

Posted: , by Alan F.

A new zero-day vulnerability has been found in the Linux kernel used by Android. The discovery, made by the Perception Point Research team, reveals a flaw that has been around since 2012, and could affect as many as 66% of current Android phones and tablets. The good news is that the security researchers have found no evidence of any attempts to exploit the vulnerability. Still, the research team says that the flaw needs to be patched immediately.

According to a second report published today, this particular flaw can actually allow a malicious app to "breakout" of a secure sandbox and take control of some Android functions. The report added that the flaw could cause certain apps to take over the camera, microphone, GPS location and personal data. The flaw was reportedly introduced to Linux kernel 3.8 in early 2013.

Google responded this afternoon by saying that its own researchers do not believe that Android devices are vulnerable to exploits by third-party apps. The company added that the number of Android devices that are at risk is "significantly smaller than initially reported." Despite Google's unworried response to the initial report, it still plans to issue a patch in March.

source: PerceptionPoint via ArsTechnica

31 Comments




posted on 20 Jan 2016, 17:43

1. Nathillien (Posts: 210; Member since: 05 Oct 2014)


yawn!

posted on 20 Jan 2016, 22:52 3

21. XperiaFanZone (Posts: 2111; Member since: 21 Sep 2012)


The silence of the Linux fanboys is deafening

posted on 21 Jan 2016, 03:24

26. spin9 (Posts: 282; Member since: 31 May 2014)


What has NSA to say about that bug?

posted on 20 Jan 2016, 17:45 2

2. Clars123 (Posts: 723; Member since: 16 Mar 2015)


that's right...keep discovering vulnerabilities so Google can patch them..at the end of the day these "research teams" are only helping Android become more secure.

posted on 20 Jan 2016, 19:07 5

13. cdm283813 (Posts: 354; Member since: 10 Jan 2015)


Too bad Samsung update policy is crap.

posted on 20 Jan 2016, 23:05 2

22. RoboticEngi (Posts: 709; Member since: 03 Dec 2014)


I'm on the December security update on my Samsung phone. They are doing fine.....go troll somewhere else.

posted on 20 Jan 2016, 22:32

20. greyarea (Posts: 176; Member since: 14 Aug 2015)


The way you wrote this makes it sound like making things more secure isn't the end goal of the research team. Am I just reading it wrong?

posted on 21 Jan 2016, 01:49

24. strudelz100 (Posts: 644; Member since: 20 Aug 2014)


Too bad Google didn't build in Security Updates into Android. Instead they depend on OEMs who have zero incentive.

The vast majority of handsets worldwide still are vulnerable to Stagefright....TODAY because of absent update policy.

posted on 20 Jan 2016, 17:55 2

3. theguy2345 (Posts: 1216; Member since: 24 Jun 2014)


The fact that Google just shrugged it off is kinda scary if you ask me. Shouldn't they try to make it as secure as possible, not shrug off these kinds of things?

posted on 20 Jan 2016, 18:58 1

11. NexusKoolaid (Posts: 479; Member since: 24 Oct 2011)


You need to do a little more research before jumping to conclusions like that.

http://www.androidcentral.com/kernel-vulnerability-exposed-researchers

posted on 20 Jan 2016, 20:13 6

18. joey_sfb (Posts: 5741; Member since: 29 Mar 2012)


Thanks for the link. Google Android's CONFIG_KEYS variable is defaulted to OFF, which would not create the flaw in the first place.

Unless an OEM or custom ROM developer changes the default setting and recompiles the Android kernel to change that default setting, Android is not affected.

So all Nexus devices are not affected, and I would agree with Google that not many would play with the kernel default setting and recompile it for their phone. Because it brings zero benefit and hordes of compatibility issues.

Another example of PA one sided reporting.

posted on 21 Jan 2016, 01:53 1

25. strudelz100 (Posts: 644; Member since: 20 Aug 2014)


Google is in the business of MAKING MONEY. Critical bugs threaten profits. Critical bugs are thus hidden when they are not easily defeated.

It's extremely simple....when folks stop and realize that Google doesn't produce Android for charity. These guys are every bit as bad as any other corporate entity and dodge billions in taxes just like the Government allows from any other mega-company.

posted on 20 Jan 2016, 18:00

4. steelew (Posts: 201; Member since: 04 Jun 2012)


I guess we can assume they will be scanning for apps that try to use this (if that's possible) going forward? Hopefully?

posted on 20 Jan 2016, 18:13 1

5. darkkjedii (Posts: 21204; Member since: 05 Feb 2011)


Someone will leave a 5,000 word rant about this.

posted on 20 Jan 2016, 18:13

6. theo14461 (unregistered)


Welcome to the wonderful world of Android.

posted on 20 Jan 2016, 18:21 4

7. VZWuser76 (Posts: 4185; Member since: 04 Mar 2010)


I read about this on another site. It's not only Android, anything running Linux or a derivative of it is vulnerable.

posted on 20 Jan 2016, 18:28 1

8. Napalm_3nema (Posts: 2183; Member since: 14 Jun 2013)


Yeah, it's kernel level, but their numbers in this article are not correct. It's hard to tell what is vulnerable, since OEMs don't always update the kernel to the same version on the same version of Android. There are Marshmallow builds with 3.1X and 3.4 in the wild.

posted on 20 Jan 2016, 18:29 1

9. Kary1 (Posts: 300; Member since: 26 Jun 2015)


That's what caught my eye--that it's a Linux issue, an OS type people usually view as secure.

posted on 20 Jan 2016, 18:44

10. Mxyzptlk (Posts: 12979; Member since: 21 Apr 2012)


That doesn't really change much given how large the android user base is.

posted on 20 Jan 2016, 19:54 1

16. VZWuser76 (Posts: 4185; Member since: 04 Mar 2010)


First it depends on which kernel they're using as Napalm said. Second, the point was the issue isn't isolated to Android as Theo implied.

posted on 20 Jan 2016, 19:00 4

12. NexusKoolaid (Posts: 479; Member since: 24 Oct 2011)


The world of iOS and Oracle has been a bit rough lately as well.

http://www.forbes.com/sites/thomasbrewster/2016/01/20/huge-number-of-critical-flaws-revealed-in-apple-android-linux-and-oracle-systems/

posted on 20 Jan 2016, 23:08 5

23. RoboticEngi (Posts: 709; Member since: 03 Dec 2014)


Shhh don't break the sheep's soft pink illusions about Apple's unbreakable security..........

posted on 20 Jan 2016, 19:43

14. AkoSiKuting (banned) (Posts: 88; Member since: 09 Dec 2015)


Android exist because some users just can't afford to pay vulnerability

posted on 21 Jan 2016, 04:07 1

27. greyarea (Posts: 176; Member since: 14 Aug 2015)


Does not translate

posted on 21 Jan 2016, 04:18 1

28. Dattack (Posts: 61; Member since: 09 Jan 2013)


Ah, you are one of "all mighty iOS users"? I guess, it's better to say you are one of the brainwashed dips**ts.

posted on 21 Jan 2016, 05:30 1

30. tedkord (Posts: 11626; Member since: 17 Jun 2009)


Some people need to pay for English lessons.

posted on 20 Jan 2016, 19:45

15. Synack (Posts: 677; Member since: 05 Jul 2011)


Real question is, can this be used to obtain root on newer devices that are locked down pretty tight?

Wondering if this could help root the future Galaxy S7 and G5, etc.

posted on 20 Jan 2016, 20:00 1

17. Napalm_3nema (Posts: 2183; Member since: 14 Jun 2013)


If they are running the correct kernel, and the SELinux kernel module is not enabled, then yes, it's possible. As I understand it, it has to be local access, and as I said above, the same version of Android on different devices can be running different kernels.

This is a concern, from a vulnerability standpoint, but I think it is a bit overblown. This is a lot more dangerous to things like servers and routers running Linux than it is for Android devices.

posted on 21 Jan 2016, 04:22 1

29. RebelwithoutaClue (Posts: 2888; Member since: 05 Apr 2013)


Most Android 5.0 phones (if not all) have the SELinux option on, so the bug doesn't work. Most Android phones have the CONFIG_KEYS variable off, so the bug doesn't work. Most Android phones with a version under 5.0 have an older Linux kernel, so the bug doesn't work.

All in all it's a tempest in a teacup. Also if you stick to the Play store, you're safe
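The three conditions named in the comments above (kernel 3.8 or newer, CONFIG_KEYS enabled, SELinux not enforcing) can be checked mechanically. The script below is an added example, not part of the article or of any commenter's post; the function names, result strings and sample inputs are constructed for illustration, and it does not check whether a kernel has already been patched.

```shell
#!/bin/sh
# Added example (not from the article or thread). Inputs are arguments so the
# logic can be run offline; the sample values at the bottom are constructed.

# kernel_at_least RELEASE MAJOR MINOR: succeed if RELEASE >= MAJOR.MINOR.
# Fields are compared as numbers, so 3.10 correctly sorts after 3.8.
kernel_at_least() {
    rel=${1%%[!0-9.]*}              # "3.10.49-gabc" -> "3.10.49"
    major=${rel%%.*}
    rest=${rel#*.}
    minor=${rest%%.*}
    [ "$major" -gt "$2" ] || { [ "$major" -eq "$2" ] && [ "$minor" -ge "$3" ]; }
}

# assess RELEASE CONFIG_TEXT SELINUX_MODE: print which condition, if any,
# takes the device out of the exposed set described in the thread.
assess() {
    case $1 in
        [0-9]*.[0-9]*) ;;
        *) echo "unknown-kernel-release"; return 0 ;;
    esac
    if ! kernel_at_least "$1" 3 8; then
        echo "kernel-older-than-3.8"
    elif ! printf '%s\n' "$2" | grep -qx 'CONFIG_KEYS=y'; then
        echo "config-keys-off"
    elif [ "$3" = "Enforcing" ]; then
        echo "selinux-enforcing"
    else
        echo "all-conditions-present"   # patch level is NOT checked here
    fi
}

# Constructed sample kernel config fragments.
CFG_ON='CONFIG_SECURITY=y
CONFIG_KEYS=y'
CFG_OFF='CONFIG_SECURITY=y
# CONFIG_KEYS is not set'

assess "3.4.0-g1234567"   "$CFG_ON"  "Permissive"
assess "3.10.49-g89abcde" "$CFG_OFF" "Enforcing"
assess "3.18.20"          "$CFG_ON"  "Enforcing"
assess "3.18.20"          "$CFG_ON"  "Permissive"
# On a live system the inputs would be "$(uname -r)",
# "$(zcat /proc/config.gz)" (needs CONFIG_IKCONFIG_PROC) and "$(getenforce)".
```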

posted on 20 Jan 2016, 20:28 4

19. TechieXP1969 (limited) (Posts: 10115; Member since: 25 Sep 2013)


For such bugs whether it's iOS or Android which are both NIX based operating systems, other than people paid to find holes, I don't see how this is news or why we should care.

I don't know of anyone with a mobile device that has ever been exploited in the wild. Why should we worry?

If you download from verified trusted developers, something like this is never going to be an issue whether your device is rooted or not otherwise jailbroken or not.

posted on 21 Jan 2016, 08:05

31. Veigald (Posts: 290; Member since: 13 Jan 2012)


Patch needs to be issued immediately. On Android.

Hahahahahahaha, like that's gonna happen! Issue the patch now, maybe 1% of phones has it in 2017 :)
