A bug present in Linux almost three years ago can be used by hackers to take almost total control of a device, say security experts. This can affect tens of millions of PCs and servers, as well as 66% of smartphones and tablets with Android.
According to the Perception Point, the newly discovered bug, known as CVE-2016-0728, is on the keyring (aka keychain) operating system, which is used to store data security, authentication and encryption keys, avoiding the use of such items for legacy applications. The team of Perception Point, however, identified a bug – and built a proof of concept attack -. Which makes it possible to replace a keyring item that is in memory for a code
This code is then run by the kernel – a crucial part of the operating system, which translates software applications for entry and exit in the actions to be performed by the CPU. The code can be used to make any type of action -. Gain root access to the server, get control of the entire operating system on a phone with Android or even attack a hardware that runs an embedded version of Linux
The bug affects Linux kernel in its version 3.8, which was released in early 2013. Therefore, affect any Android that runs KitKat or higher. The Perception Point note which was not observed “any attack that has this vulnerability in particular” but “recommended that a security team examine the potentially affected devices and implement fixes as soon as possible.”
The Ars Technica notes that major Linux distributions should receive a correction this week, but may take longer until your Android device to receive an update. As always, stay tuned
.
Comments
All comments are subject to moderation. DD reserves the right to delete comments that do not comply with the rules of use. The reviews posted are the sole responsibility of their authors.
No comments:
Post a Comment