Click to Skip Ad
Closing in...

Critical Android bug can permanently compromise Nexus and other devices

Published Mar 23rd, 2016 7:40PM EDT
BGR

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Another day, another big Android vulnerability revealed. A report from security firm Lookout informs us of a new threat that can permanently “compromise” a device, including Google’s Nexus handsets and tablets that usually run the latest version of Android. However, while the new threat can compromise many Android handsets, it’s likely it’s not actively used in attacks at this point.

DON’T MISS: Consumer Reports: Galaxy S7 beats iPhone to become the world’s best smartphone

Millions of Android handsets are at risk, Lookout discovered. The problem lies with a Linux vulnerability that was patched in April 2014. But even so, Android developers did not fix it even after the vulnerability received vulnerability identifier CVE-2015-1805 last February, Ars Technica reports.

Google is very much aware of the problem and it looks like at least one rooting app that could take advantage of the flaw has been discovered in the wild. Rooting Android devices is popular among power users, as the procedures gives them the liberty of further customizing their Android experience.

“An elevation of privilege vulnerability in the kernel could enable a local malicious application to execute arbitrary code in the kernel,” said an Android security advisory last week. “This issue is rated as a critical severity due to the possibility of a local permanent device compromise and the device would possibly need to be repaired by re-flashing the operating system.”

The vulnerability is present in Android devices that use Linux kernel versions 3.4, 3.10 and 3.14, including Nexus 5 and Nexus 6 devices, as well as a large number of handsets coming from major manufacturer brands. Kernel versions 3.18 or higher are not susceptible to such attacks.

As Ars points out, the good news is that this vulnerability requires a local exploit, meaning that drive-by web attacks are “infeasible if not impossible.”

Google has updated the Verify Apps feature to make sure that devices block the installation of rooting apps that exploit the vulnerability, and the rooting app that can take advantage of the security hole is not available from Google Play.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.