Zero Day Hits Androids, Linux PCs

Wednesday, January 20, 2016 @ 04:01 PM gHale

A Zero Day vulnerability allows Android or Linux applications to escalate privileges and gain root access, researchers said.

The issue affects all Android phones KitKat and higher, said Yevgeny Pats, co-founder and chief executive at security vendor Perception Point.

McAfee Application Control Flaws Found
Flaws Found in Security Providers’ Wares
Avast Patches AV Zero Day
Fortinet Fixes Antivirus Vulnerability

In addition, any machine with Linux Kernel 3.8 or higher is vulnerable, including tens of millions of Linux PCs and servers, both 32-bit and 64-bit, Perception Point researchers said in a report. Although Linux lags in popularity on the desktop, the operating system dominates the Internet, mobile, embedded systems and the Internet of Things (IoT), and powers nearly all of the world’s supercomputers.

Using this vulnerability, attackers are able to delete files, view private information, and install unwanted programs.

This vulnerability has existed in the Linux kernel since 2012, the researchers said.

The Linux team is aware of the issue and patches should be available and pushed out soon to devices with automatic updates. Perception Point has also created proof of concept code that exploits this vulnerability to gain root access.

Researchers have not seen exploits out there taking advantage of this vulnerability.

That may change, however, as news of the vulnerability spreads and some devices are on a longer patching cycle than others.

“We recommend that security teams examine potentially affected devices and implement patches as soon as possible,” the company said.

The vulnerability ends up related to the keyrings facility, a way for drivers to save security data, authentication keys, and encryption keys in the kernel.

The new keyrings vulnerability’s identification number is CVE-2016-0728.

The new vulnerability disclosure comes on the heels of Android vulnerabilities that Google fixed just last week, including several kernel privilege escalation vulnerabilities. Five of the critical vulnerabilities patched ended up related to bugs in the kernel drivers or the kernel itself.