Skip to main content
  1. Home
  2. Mobile
  3. News

A two-year-old security flaw could give hijackers root access to your Android phone

By

Google Marshmallow
Google warns that hijackers could get root access to your Android phone from an application using a security flaw that was first discovered two years ago.

Background

The flaw is part of the Linux Kernel, which is what Android is built on. It was actually fixed in April 2014, but it wasn’t flagged as a vulnerability at the time. Later in February 2015, the security implications were discovered, and it subsequently received the CVE-2015-1805 identifier. Even so, it wasn’t an issue for Android devices since it wasn’t ported to the Android software.

Recommended Videos

However, last month the CoRE Team found that this vulnerability could be exploited by hackers to achieve root on Android devices. A hacker with root access to your device would acquire superuser access, which is more control than even you or other third-party apps have. They would be able to access and modify all system files.

Related

CoRE notified Google of the exploit and the company started working on a patch that would be included in a future security update. Unfortunately Google couldn’t work fast enough, as Zimperium, the security team who uncovered the Stagefright hack, told Google the exploit was already in use on a Nexus 5 phone.

This was done through an application in the Play Store that has already been blocked. Google actively blocks apps that attempt to achieve root access, but it’s unclear how long the app was in the wild. Google said in a security advisory, “Google has confirmed the existence of a publicly available rooting application that abuses this vulnerability on Nexus 5 and Nexus 6 to provide the device user with root privileges.”

Google classified this issue with a Critical severity rating, but the application in question wasn’t considered malicious. However, the Critical severity rating means that other hackers could use the same exploit to spread malware.

A patch is on the way

Google already published patches for the flaw in the Android Open Source Project (AOSP) for the 3.4, 3.10 and 3.14 versions of the Android kernel. Version 3.18 and above aren’t vulnerable.

These patches will be included in the April security update for Nexus devices. That’s the good news. The bad news is that Nexus devices only represent a handful of Android devices. It’s up to the manufacturers to issue patches for all the other Android devices around the world.

How to protect yourself

We know that exploits such as these can be scary, but you’re unlikely to fall victim to it if you make sure to download apps only from Google Play since Google will block any apps that use the exploit.

If you must install an app from a third party, make sure Verify Apps is turned on. To do this, open Settings, and find Google. Tap on it, followed by Security. Scroll down to the Verify Apps section and make sure that Scan device for security threats is turned on. Now any third-party apps that you install will be scanned for threats. Verify Apps is a good thing to turn on because it will protect you from all other exploits, not just this one.

If you want to find out if your device has received the patch, head into Settings, and tap on About Phone. Find the heading for the Android security patch level. If it’s April 1, 2016 or newer, you’re all set. If not, you can always contact the manufacturer of your phone and find out when the update will take place.

Editors’ Recommendations

Topics
Robert Nazarian
Robert Nazarian
Former Digital Trends Contributor
Robert Nazarian became a technology enthusiast when his parents bought him a Radio Shack TRS-80 Color. Now his biggest…
A flaw in MediaTek audio chips could have exposed Android users’ conversations
A MediaTek processor on a motherboard.

Security researchers have discovered a new flaw in a MediaTek chip used in over a third of the world’s smartphones that could have potentially been used to listen in on private conversations. The chip in question is an audio processing chip by MediaTek that’s found in many Android smartphones from vendors such as Xiaomi, Oppo, Realme, and Vivo. Left unpatched, researchers say, a hacker could have exploited the vulnerabilities in the chip to eavesdrop on Android users and even hide malicious code.
Check Point Research (CPR) reverse-engineered MediaTek’s audio chip, discovering an opening that could allow a malicious app to install code meant to intercept audio passing through the chip and either record it locally or upload it to an attacker’s server. 
CPR disclosed its findings to MediaTek and Xiaomi several weeks ago, and the four identified vulnerabilities have already been patched by MediaTek. Details on the first can be found in MediaTek’s October 2021 Security Bulletin, while information on the fourth will be published in December. 
“MediaTek is known to be the most popular chip for mobile devices,” Slava Makkaveev, Security Researcher at Check Point Software, said to Digital Trends in a press release. “Given its ubiquity in the world, we began to suspect that it could be used as an attack vector by potential hackers. We embarked research into the technology, which led to the discovery of a chain of vulnerabilities that potentially could be used to reach and attack the audio processor of the chip from an Android application.”
Fortunately, it looks like researchers caught the flaws before they could be exploited by malicious hackers. Makkaveev also raised concerns about the possibility of device manufacturers exploiting this flaw “to create a massive eavesdrop campaign;” however, he notes that his firm didn’t find any evidence of such misuse. 
Tiger Hsu, product security officer at MediaTek, also said that the company has no evidence that the vulnerability has been exploited but added that it worked quickly to verify the problem and make the necessary patches available to all device manufacturers who rely on MediaTek’s audio processors. 
Flaws like these are also often mitigated by security features in the Android operating system and the Google Play Store, and both Makkaveev and Hsu are reminding users to keep their devices updated to the latest available security patches and only install applications from trusted locations. 

Read more
Android 11 update: Here’s when your phone is getting new software
Google Pixel 4a Front

Android 11 is here. The new mobile operating system isn't necessarily as groundbreaking as some previous updates, but it still brings several new privacy features, as well as some visual changes that should make accessing things like smart home devices a whole lot easier.

Of course, you might be wondering exactly when your phone is getting Android 11. The good news is that Android 11 is coming to more devices week by week. The bad news is that even months after it debuted, some phones still haven't received the update or only have early betas available. Still, some big names have rolled out the update to popular models — hopefully including the one in your hand.

Read more
7 things you didn’t know your Pixel phone could do
Google Pixel 5

Google's Pixel phones have long been hailed as the best way to get a stripped-back, responsive Android experience. Google offers a few different Pixel phones at different price points, but they generally fall in the midrange to "premium midrange" price bracket -- and they're among the best phones in that price bracket.

But while Pixel devices offer a near-stock Android experience, they're not completely devoid of personality. Google has added a number of features to Pixel phones that make them easier to use and more versatile.

Read more