Almost 1.4 billion Android smartphone users are affected by a Linux vulnerability discovered recently. The vulnerability allows attackers to spy on people using unencrypted connections or inject malicious code into encrypted connections, states a blog post by researchers from mobile security firm Lookout.
The Linux vulnerability affects all Android smartphones running Android 4.4 KitKat or higher, including the latest Android 7.0 Nougat developer beta. The security researchers at Lookout note that the patch for the Linux kernel was authored on July 11, 2016, and that the latest developer preview of Android Nougat doesn't seem to be patched against this flaw.
The security flaw was first found in version 3.6 of the Linux operating system kernel. Version 3.6 was introduced in 2012, reports ArsTechnica. ArsTechnica's report adds that Google is already aware of this flaw and that its engineers are taking appropriate actions.
The flaw affects Transmission Control Protocol (TCP) connections whenever a user establishes a long-lived internet connection. The Lookout security report says that if the connection is unencrypted, attackers can inject malicious code into the traffic. The worst part of the attack is that the flaw leaves even encrypted connections at risk of being terminated.
ArsTechnica further adds that it takes only 10 seconds for an attacker to monitor the connection and another 45 seconds to inject the malicious code into its traffic. The technique seems suited to targeted attacks rather than opportunistic ones.
Recently, researchers at Check Point confirmed that nearly 900 million Android smartphones powered by Qualcomm chipsets are at risk of root access due to the QuadRooter vulnerability. The vulnerability only affects smartphones running Qualcomm processors, and there is little a user can do to protect against these flaws. Android smartphones are also under constant threat from vulnerabilities like Stagefright.