1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Google warns of Android flaw used to gain root access to devices

Discussion in 'Network World' started by RSS, Mar 22, 2016.

  1. RSS

    RSS New Member Member

    An application that allows users to gain full control -- root access -- over their Android devices is taking advantage of a security flaw in the Linux kernel that has remained unpatched in Android since its discovery two years ago.

    The bug was originally fixed in the Linux kernel in April 2014, but wasn't flagged as a vulnerability until February 2015 when its security implications were understood and it received the CVE-2015-1805 identifier. Even then, the fix did not get ported to Android, which is based on the Linux kernel.

    It wasn't until Feb. 19 that researchers from a security outfit called C0RE Team notified Google that the vulnerability could be exploited on Android in order to achieve privilege escalation -- the execution of code with the privileges of the root account.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page