Android re-installation ahoy to sink privilege elevation that opens avenue for rooting apps. Google has shipped an out-of-band patch for Android shuttering a bug that is under active exploitation to root devices.
The vulnerability (CVE-2015-1805) affects all Android devices running Linux kernel versions below 3.18.
The vulnerability allows a privilege elevation rated critical that lets apps execute arbitrary code in the kernel.
Affected users will need to re-flash an instance of the Android operating system.
Google found a rooting application that exploits the vulnerability in order to root Nexus 5 and 6 handsets. All un-patched Android phones are affected however.
The Alphabet subsidiary did not say whether the application was malicious or an app to help users to root their Nexus devices.
Google has blocked the rooting app in its Play Store, while users of the latest Android operating systems will receive security flags warning of the rooting capabilities of the app.
The search tsar distributed the patch to its phone manufacturer partners on 15 March ahead of today’s general release.
“Google has become aware of a rooting application using an un-patched local elevation of privilege vulnerability in the kernel on some Android devices,” the company said in an advisory.
“This is a known issue in the upstream Linux kernel that was fixed in April 2014 but wasn’t called out as a security fix.
“On February 19, 2016, C0RE Team notified Google that the issue could be exploited on Android and a patch was developed to be included in an upcoming regularly scheduled monthly update.”
Android devices with a security patch level of 2 April are patched against the flaw.
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.