Just a few days ago a zero-day vulnerability was discovered in the Linux kernel, basically, that’s bad news for anything that’s based on Linux, and that includes the most widely used operating system on the planet, Android. When the exploit CVE-2016-0728 was announced by Perception Point it claimed that the vulnerability affected 66% of all Android devices out there, Google has confirmed that it’s investigating the matter and that it believes the real number of affected Android devices is actually smaller than what Perception Point has come up with.
Configuration flag called CONFIG_KEYS is what this exploit is entirely based on, the configuration flag is present in all kernels since Linux 3.8, and that’s possibly why Perception Point thinks it affects 66 percent of Android devices out there.
The exploit can be used by an attacker to gain root access to the device, however, it’s going to need a lot of processing time, and it also helps that the recommended configuration for Android Linux Kernel has CONFIG_KEYS disabled.
Google’s Adrian Ludwig has said that the company’s Nexus devices are not affected by this exploit and that because of SELinux, all devices running Android 5.0 Lollipop or higher are protected as well.
Older devices that are running Android 4.4 or lower remain a concern and there are still lots of devices out there running outdated versions of Android, and for that reason, Google has developed a patch for this exploit and is going to further investigate the matter to find out the precise scale of this issue. It’s rolling the patch into the March 1st security update, once the devices have been patched they will be forever secured against this particular exploit.