The sharing of components in the operating systems is as a rule a wise option. With this philosophy can be reduced and cut short the developments in other processes.
But there is also the possibility of a simple security flaw affect all systems. That’s what is happening now, with a flaw in the Linux kernel which also affects thousands of Android devices.
The latest flaw discovered in the Linux world is located in the kernel and allows attackers to gain root access, the highest in this system, relatively simply.
Discovered by security company Perception Point, this failure has the particularity to affect not only Linux, but also about two thirds of Android devices. As these two systems share some of the code, including the kernel, this is a very wide failure and that is having a big impact.
The problem has existed since 2012 and affects versions 3.8 and later kernel, which extends then to the devices that are running version 4.4 or later of the Android.
How serious this flaw?
The vulnerability is in the keyring feature, which deals with access of drivers to inside information of the system.
If exploited, the attacker can gain access to run code in the Linux Kernel or extract security information located in cache, which in some cases may include authentication keys and figure.
Is there a solution in sight?
For Linux it is expected that the next hour updates are released that will fix this problem in major Linux distributions.
Already in Android will be more difficult this problem is corrected. Google is already aware of the problem but did not comment on it.
The problem should be fixed in the next monthly security updates that brands have launched, but these will be limited to the most recent versions of Android . The older equipment will again be exposed and vulnerable to yet another security hole that will stay unresolved.
No comments:
Post a Comment