SECURITY VENDOR Symantec has warned that a Linux kernel exploit that allows user privileges to be escalated has been ported to Android.
The Linux kernel CVE-2013-2094 vulnerability was first published on 14 May and affected a number of Linux distributions that used the Linux 2.6.x kernel, including Red Hat Enterprise Linux 6, Ubuntu 12.04 LTS, Debian 6 and Suse Enterprise Linux 11. While Red Hat, Canonical and other distributions have long since issued patches, Symantec claimed that the exploit has been ported to Android.
Google's Android operating system runs on top of the Linux kernel, and while Android 4.2 Jelly Bean uses Linux 3.0, previous versions of Android used Linux 2.6.
Symantec said of the vulnerability, "The Android operating system normally sandboxes every application so they cannot perform sensitive system operations or interfere with other installed applications. In the past, we have seen malware use privilege escalation exploits to access data from other applications, prevent uninstall, hide themselves, and also bypass the Android permissions model to enable behaviors such as sending premium SMS messages without user authorization."
While Symantec correctly point out the vulnerability affected Linux 2.6, and the firm doesn't say whether the mutated Android version affects any other versions of the Linux kernel, the problem is that many smartphone and tablet makers do not issue software updates, meaning some users could still be stuck with a version of Android that runs on a vulnerable Linux kernel.
Since Google has made it easy for Android users to download and install apps from third party sources, Android has become a target for malware. Symantec recommends that Android users running older versions stick to trusted sources of Android apps, such as the Google Play store. µ