Scary Linux root exploit found, but Google’s not even sweating any major Android impact


Android, as many of its users probably know, is built on Linux. And while that’s provided Google with a great framework, it also means exposing the platform to some of the same issues faced by any other Linux system. A few days back, researches published a serious vulnerability in the Linux kernel, exposing systems to a privilege-escalation attack that could allow local users to gain root. Should you be concerned for the security of your Android phone or tablet? Google’s saying “no,” for most users, but it’s still releasing a patch for good measure.

In theory, a malicious app could take advantage of this exploit to achieve root and wreak havoc on your phone, but Google doesn’t think there’s a strong chance of that happening.

Modern phones are in the clear, as the SELinux setup in Android 5.0 and later prevents apps from accessing the resources needed to pull off this attack.

Even older phones may still be safe, as this vulnerability only popped up in Linux kernel 3.8, and many pre-Lollipop devices are based on kernels from before this bug was introduced.

Google’s got a patch ready, all the same, and it’s already been provided to Android manufacturers. All told, this attack sounds quite bad on paper (and is still a real issue for Linux computers), but its potential impact on smartphones is sounding less and less severe.

Source: Adrian Ludwig (Google+)
Via: Engadget


What's your reaction?
Love It
Like It
Want It
Had It
Hated It
About The Author
Stephen Schenck
Stephen has been writing about electronics since 2008, which only serves to frustrate him that he waited so long to combine his love of gadgets and his degree in writing. In his spare time, he collects console and arcade game hardware, is a motorcycle enthusiast, and enjoys trapping blue crabs. Stephen's first mobile device was a 624 MHz Dell Axim X30, which he's convinced is still a viable platform. Stephen longs for a market where phones are sold independently of service, and bandwidth is cheap and plentiful; he's not holding his breath. In the meantime, he devours smartphone news and tries to sort out the juicy bitsRead more about Stephen Schenck!