Perception Point announced on Tuesday that they have discovered a vulnerability in Linux code that they say puts 66% of all Android devices at risk
The Israeli cyber security firm Perception Point announced on Tuesday that they have discovered a vulnerability in Linux code that they say puts 66% of all Android devices as well as tens of millions of machines running the software at risk for hackers to take control of devices.
The zero day exploit identified just over a month ago by the Perception Point team opens the door for taking root control over these devices utilizing only low level permissions.
Perception Point’s CEO Yevgeny Pats tells Geektime that the exploit found in the keyring feature that runs on systems operating Linux’s 3.8 software and above resides in the core kernel.
His research team identified the vulnerability while they were developing their security agent for Linux systems. The company is currently building a proactive security product aimed at protecting machines running Windows, Linux, and OS X.
Upon this discovery, Perception Point approached Linux distributor Red Hat’s David Howell, who authored the feature’s code. A patch for the exploit was released today at 7:00 am EST. Pats tells Geektime that they have also contacted other Linux distributors, alerting them to the vulnerability.
At this point, Pats says that he is unaware of any malware that is using this vulnerability to carry out attacks, but says that now that it is being made public, some of the bigger labs like Kaspersky may find that it has been utilized by some of the viruses that they are currently tracking.
Pats notes that for the attacker to gain access to the device through a legitimate app, it must be performed locally. However, hackers can use phishing techniques or other exploits to attain initial access onto the device and then follow through to achieve full root control.
It is worth noting that the keyring feature where the vulnerability was found has caused controversy in the past, with Linux’s principal author Linus Torvalds (warning, this guy uses a lot of foul language) reportedly having opposed Red Hat’s expansion of the original feature.
Founded in 2015, Perception Point was co-founded by Pats, CTO Shlomi Levin, and VP of R&D Michael Aminov. They have received funding from State of Mind Ventures, which is run by the former head of Israel’s 8200 military intelligence unit – Yuval Baharav – and Pinhas Buchris. All three served in elite intelligence units in the IDF before branching out to the private sectors, working at high level security firms that have been integrated into IBM, Palo Alto Networks, and PayPal.
Immediate actions to close the vulnerability
Pats recommends that all Android and Linux users update their devices as soon as possible.
He notes that while Red Hat’s patch should be sufficient to insulate vulnerable devices, many older machines no longer update automatically, leaving them open to the exploit if left unattended.
The widespread reliance on Linux-based systems across the tech world and its use as the basis of open source platforms like Android make this a serious vulnerability if left unchecked.
Featured image credit: McIek / Shutterstock