The flaw which is basically a Linux kernel vulnerability, allows apps to gain nearly unfettered “root” access that bypasses the entire Android security apparatus. The bug was discovered in 2014 is a vulnerability in the Linux kernel that can be exploited by a local attacker to escalate privileges on affected systems. Linux developers patched the vulnerability in 2014 however Android smartphones which were also vulnerable to the same vulnerability were never patched. The bug reared its head again in 2015 and was given the vulnerability identifier CVE-2015-1805 in February 2015. Google has put its feet down on rooting apps available on Google Play which can exploit the vulnerability with ease. According to an advisory on Friday, the unnamed rooting apps, which are available in Google Play and outside its app store, could lead to a “local permanent device compromise”. Repairing the device would require reflashing the operating system. Google has also released a unscheduled patch for its own Nexus products to protect them from being exploited in the wild. Google was forced into releasing the emergency patch after researchers at security firm Zimperium reported last week that the bug had been abused on a Nexus 5. Google then confirmed that a publicly available rooting app could also compromise the Nexus 6. The company has also updated the Android Verify Apps security feature to detect the rooting apps. Google notes that it has not seen the rooting apps being used for exploitation that it considered “malicious”. For a device to be compromised, the user would need to install the rooting app manually. Google has also issued a patch to other Android handset makers like LG, Samsung, HTC etc. on March 16 and also released fixes for vulnerable kernels in the Android Open Source Project. Researchers at c0reteam in February notified Google that the bug could also be exploited on Android, prompting Google to develop a patch that was probably originally slated for the April monthly update.
