Android and Linux Zero-Day Gives Attackers Root Access
A new zero-day vulnerability allows Android or Linux applications to escalate privileges
Security researchers have discovered a new zero-day vulnerability in Linux kernel that affects both the Linux operating system and the Android mobile operating system, which allows potential hackers to gain full control of the PC or smartphone. The new vulnerability was discovered by security researchers at Perception Point and allows hackers to hack Android or Linux applications to escalate privileges and gain root access to PC/laptop or smartphone.
“This affects all Android phones KitKat and higher,” said Yevgeny Pats, co-founder and CEO at security vendor Perception Point.
According to the researchers that discovered this flaw, the zero-day is a local privilege escalation vulnerability in the Linux kernel that originates from a reference leak in the keyring utility. The Linux keyring facility stores login information in an encrypted format, making it available for other applications and drivers when they need it. The vulnerability has been deemed as high risk and allocated a unique identifier, CVE-2016-0728.
According the the security researchers, any machine with Linux Kernel 3.8 or higher is vulnerable to this zero day bug. Going by the machines running on Linux, tens of millions of Linux PCs and servers, both 32-bit and 64-bit as well as Android smartphones and tablets.
What makes the zero-day dangerous is that Linux is used in almost majority of systems used for Internet, mobile, embedded systems and the Internet of Things, and powers nearly all of the world’s supercomputers. Once the hacker is able to exploit this vulnerability, he/she can delete files, view private information, and install unwanted programs including malware.
All Android devices running KitKat or higher are also affected, which currently account for about two-thirds of the Android ecosystem. The zero-day also affects Android devices because Google built the Android OS on top of an older version of the Linux kernel.
Linux OS versions that deploy the SMEP (Supervisor Mode Execution Protection) and SMAP (Supervisor Mode Access Protection) make exploiting this vulnerability a lot more difficult. The same thing is also valid for Android devices with SELinux.
According to Pats, this vulnerability has existed in the Linux kernel since 2012.
Pats said that the Linux team has been notified, and patches should be available and pushed out soon to devices with automatic updates. Perception Point has also created proof of concept code that exploits this vulnerability to gain root access. If you are a coder/developer, you can access the PoC on GitHub.
So far, Pats said, no exploits have been observed in the wild that take advantage of this vulnerability.
That may change, however, as news of the vulnerability spreads and some devices take longer to be patched than others.