A flaw was discovered yesterday that puts millions of Linux and Android devices at risk.
A serious security flaw has been found in the Linux kernel affecting millions of both Linux and Android devices worldwide. The flaw, discovered by Israeli security group Perception Point, is three years old, although there have been no reports of its exploitation in the wild. The Linux keyring weakness could allow an attacker to gain cached data such as passwords and more. By executing code in the kernel, even a user with only partial access to a device could elevate their privileges using this exploit. "This vulnerability has implications for approximately tens of millions of Linux PCs and servers," explained Perception Point in an official blog post, "and 66 percent of all Android devices."
Linux developers are busy trying to patch the security flaw. However, a greater worry is the distribution of a patch to millions of Android devices which are at risk. This could present a larger issue than for Linux PC users, particularly for users who do not regularly update their software. The process of releasing security updates by Google is a long one, as the updates need to make their way through Android manufacturers for device-specific tailoring. Mobile carriers represent yet another involved party, which can considerably slow the speed of pushing these updates out to users. Perception Point ended their post with a call to action, stating that "the most important thing for now is to patch it as soon as you can."
Photo: © iStock.