A zero-day vulnerability in the Linux kernel where 66% of terminals equipped with Android 4.4 or later gets pinched is discovered

ByKārlis Dambrāns

It is also used in Android etc.Linux kernelamongZero-day vulnerabilityHas been discovered and it was found that there was a possibility that attacks using vulnerabilities could be done until the patch was offered. With this vulnerability, an attacker can easilyRoot authorityIt is a big topic that 66% of the Android terminal using the Linux kernel may be subject to attack because it seems to be able to fully control the data in the device and the device because it can obtain it .

Analysis and Exploitation of a Linux Kernel Vulnerability (CVE-2016-0728) | Perception Point

Zero-day Linux kernel security flaw leaves millions of Android users vulnerable

Linux bug imperils tens of millions of PCs, servers, and Android phones | Ars Technica

It was Israel's Internet security company that found the vulnerability in the Linux kernel "Perception Point". The discovered vulnerability is identified by the identification number "CVE-2016-0728It is included in "Linux 3.8" and subsequent versions released in 2013. However, it has not been confirmed so far that cases of misuse of these.

I discovered that the discovered zero day vulnerability is ironically found to be in "key ring" which is one of the security features of the Linux kernel. Keyring is a mechanism mainly for holding security data or storing it in the cache, there are authentication key, encryption key, etc. here. By using the vulnerability found by this key ring, arbitrary code can be executed with root privilege, so it is regarded as a problem that it can be abused by a malicious attacker etc.


A further problem is that it uses the Linux kernel in that there are hundreds of millions of users using terminals that contain the vulnerabilityLinux DistributionIt can be said that it is a harmful effect that has come from the large number of people. And Android is most likely to be affected by this vulnerability.

It contains Android 4.4 KitKat and later versions of Android that contain vulnerabilities,Approximately 66% of all Android users. For Android, there are multiple versions that require a patch, but third parties using these patches often customize the OS for their own devices, so they are compatible with patches released by Google Whether or not there is gender varies from terminal to terminal, so it is no doubt that correction becomes more troublesome.

Also,Embedded LinuxHowever, there is a possibility that security may be avoided, there is a possibility that it may affect not only PC but also server etc. However, since the zero day vulnerability has been discovered, Linux security teams distribute patch patches in collaboration with Linux distributions Red Hat and SUSE.

in Mobile,   Security, Posted by logu_ii