Security Experts Discover Linux Kernel Bug That Gives Attackers Root Level Access To Computers, Android Smartphones

Sumit Passary, Tech Times 20 January 2016, 09:01 am

Security experts have found a critical vulnerability in the Linux kernel, which could allow hackers to obtain root level access to computers and Android devices.

Researchers at startup Perception Point found the bug and suggest that it has been present in the Linux kernel since 2012. The vulnerability affects all operating system with Linux kernel 3.8 and higher, which means millions of PCs are exposed to the flaw. The vulnerability also affects Android 4.4 KitKat and higher.

Google has released data revealing the adoption rate of its operating systems, which shows that more than 69 percent of its devices are running on Android 4.4 KitKat or above.

"While neither us nor the Kernel security team have observed any exploit targeting this vulnerability in the wild, we recommend that security teams examine potentially affected devices and implement patches as soon as possible," says Perception Point.

Researchers explain that the flaw indexed as CVE-2016-0728 is located in the OS keyring, which lets apps store authentication tokens, encryption keys and other sensitive security-related data inside the kernel. Once the OS keyring is compromised it can allow hackers to get complete root level access.

Yevgeny Pats, the co-founder and CEO of Perception Point, says that it is pretty easy for an attacker to exploit the vulnerability since only local access is required. Attackers can get full root access to the operating system if they successfully exploit the flaw. Hackers will be able to view users' personal information, delete files and also install malicious apps after gaining root access to a PC or a mobile device.

Pats added that no auto update for the kernel is present, so the bug can pose a threat for a long time. Each and every Linux server should be patched to get rid of the bug.

Normally, bugs found in the Linux kernel receive a patch as soon as they are found. However, the latest bug was present in the Linux code for three years and was found just recently.

Researchers at Perception Point have notified the Linux team and a fix is expected to be released sooner than later. However, mobile devices running on vulnerable Android operating systems may have to wait a bit longer as carriers and manufacturers of smartphones and devices do not push updates automatically.

Perception Point also noted that "SMEP and SMAP will make it difficult to exploit as well as SELinux on android devices." However, the most important thing is to fix the issue as soon as possible.