Android rooting bug puts millions of Android smartphones at risk from hackers

Google issues emergency fix and bans rooting apps from Google Play, but millions of Android smartphones are still at risk from this rooting bug

A bug discovered in 2014 is giving Google engineers sleepless nights as Google tries to stamp out rooting apps that exploit an unpatched Linux kernel bug affecting all Android devices. The bug puts millions of Android phones, including the entire line of Nexus models, at risk and allows hackers to execute malicious code and take control of core functions almost permanently.

The flaw, which is basically a Linux kernel vulnerability, allows apps to gain nearly unfettered “root” access that bypasses the entire Android security apparatus. Discovered in 2014, it can be exploited by a local attacker to escalate privileges on affected systems. Linux developers patched the vulnerability in 2014; however, Android smartphones, which were vulnerable to the same flaw, were never patched.

The bug reared its head again in 2015 and was given the vulnerability identifier CVE-2015-1805 in February 2015. Google has put its foot down on rooting apps available on Google Play which can exploit the vulnerability with ease. According to an advisory on Friday, the unnamed rooting apps, which are available in Google Play and outside its app store, could lead to a “local permanent device compromise”. Repairing the device would require reflashing the operating system.

Google has also released an unscheduled patch for its own Nexus products to protect them from being exploited in the wild.

“An elevation of privilege vulnerability in the kernel could enable a local malicious application to execute arbitrary code in the kernel,” an Android security advisory published Friday stated. “This issue is rated as a critical severity due to the possibility of a local permanent device compromise and the device would possibly need to be repaired by re-flashing the operating system.”

Google was forced into releasing the emergency patch after researchers at security firm Zimperium reported last week that the bug had been abused on a Nexus 5. Google then confirmed that a publicly available rooting app could also compromise the Nexus 6.

The company has also updated the Android Verify Apps security feature to detect the rooting apps. Google notes that it has not seen the rooting apps being used for exploitation that it considered “malicious”. For a device to be compromised, the user would need to install the rooting app manually.

Google also issued a patch to other Android handset makers such as LG, Samsung and HTC on March 16, and released fixes for vulnerable kernels in the Android Open Source Project.

Researchers at c0reteam in February notified Google that the bug could also be exploited on Android, prompting Google to develop a patch that was probably originally slated for the April monthly update.
