Google warns of a vulnerability affecting most Android phones
Google warns of a vulnerability affecting most Android phones
Google warns of a vulnerability affecting most Android phones
Google has revealed that it has found evidence of an uncorrected vulnerability in the Android operating system that is being used in real-world attacks currently named (CVE-2019-2215).
Although the vulnerability has been fixed in older versions of Android, it has reappeared in later versions.
The vulnerability exists in the kernel of the Android operating system and can be used to help the attacker gain access to the root user of the device.
Ironically, the vulnerability was corrected in December 2017 in Android versions 3.18, 4.14, 4.4 and 4.9, but found in later versions of the Android system.
Google researchers believe that the vulnerability affects the following Android phone models running Android 8.0 and later:
- Google Pixel.
- Google Pixel 1 XL.
- Google Pixel 2.
- Google Pixel 2 XL
- Huawei P20.
- Xiaomi Redmi 5A.
- Xiaomi Redmi Note 5.
- Xiaomi A1.
- Oppo A3.
- Moto Z3.
- Samsung Galaxy S7.
- Samsung Galaxy S8.
- Samsung Galaxy S9.
- LG Oreo phones.
Google researchers said that the exploitation requires little or no allocation for each device, which means that the exploitation must be able to work across a wide range of phones, although they did not confirm this through manual reviews, as they did for the devices mentioned above.
Google’s security team, Project Zero, discovered the vulnerability, and the company’s Threat Analysis Group (TAG) later confirmed it was being used in the attacks.
“We believe the vulnerability has been exploited by NSO Group, an Israeli company known for selling surveillance and exploitation tools,” said Google’s Threat Analysis Group (TAG).
A spokesman for the Android open source project that this vulnerability can not be exploited without user intervention, and there are some conditions that must be met before the attacker can exploit the vulnerability.
The spokesman said: This problem has been classified as very serious for the Android system, and requires the installation of a malicious application for potential exploitation, and told us Android partners, and the patch became available on the common core of Android.
He added that the devices (Google Pixel 3); ((Google Pixel 3 XL); and (Google Pixel 3a) operating with the latest Android kernel are not at risk.
Google Pixel and Google Pixel 2 devices should get updates for this issue as part of the October security update.
Day zero is now traced as CVE-2019-2215. This error tracking entry from the Project Zero team contains concept proof code and additional details for the security researcher who wants to reproduce the error and test other devices.