Google publishes interim kernel patch for critical vulnerability in Android




Google on Friday issued an interim security update for its Android operating system to seal a leak. The company did not wait for the monthly patch round because the vulnerability as “critical” is designated by the company.

The vulnerability gets the name CVE-2015-1805 with. Devices with Linux kernel version 3.4, 3:10 and 3:14 are vulnerable. Version 3.18 and later of the kernel are already out of range. Although this vulnerability has long been known to Google, the company has recently of security Zimperium evidence accumulated that the leak is also pretty easy to exploit. The exploits a malicious application can permanently elevated privileges, or root access verkijgen. That could only be resolved by the operating system to flash again. Google reported there in that it has not observed that the exploit is actually being used in the wild.

Android logo However, the wait is not necessarily on the different manufacturers to release the kernel update for their devices. Google itself has the malware scanner from the Play Store updated apps that exploit the vulnerability to filter out. Moreover, the Verify Apps feature of Android is updated. This detects the apps in question when they are installed outside the Play Store. Thus the risk in this case already seems much smaller. Nexus devices will be updated within a few days, Google promises. are immediately AOSP patches available to manufacturers of non-Nexus devices.

In: Technology & Gadgets Asked By: [18460 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »

Star Points Scale

Earn points for Asking and Answering Questions!

Grey Sta Levelr [1 - 25 Grey Star Level]
Green Star Level [26 - 50 Green Star Level]
Blue Star Level [51 - 500 Blue Star Level]
Orange Star Level [501 - 5000 Orange Star Level]
Red Star Level [5001 - 25000 Red Star Level]
Black Star Level [25001+ Black Star Level]