1.4 billion Android users at risk from a Linux bug

According to researchers from the security company Lookout, a newly discovered vulnerability in Android devices allows attackers to terminate connections or inject malicious code and content into them.

The vulnerability has its roots in version 3.6 of the Linux kernel, which was introduced into Android with version 4.4 (KitKat). It hasn't been removed since, and is also present in the developer preview of Android Nougat.

This brings the total of vulnerable Android devices up to 1.4 billion, or approximately 80 per cent.

The problem lies in how Transmission Control Protocol (TCP) connections are handled; these connections carry services such as webmail and messaging. An attacker could determine whether the device is communicating with a particular host (or person), and then terminate that connection or inject malicious code or content into it.

Security researchers have said Android users should encrypt everything, as that helps. Even so, encrypted communications can still be terminated.

"The tl;dr is for Android users to ensure they are encrypting their communications by using VPNs, [or] ensuring the sites they go to are encrypted," Lookout researcher Andrew Blaich told Ars. "If there's somewhere they're going to that they don't want tracked, always ensure they're encrypted."

Google is already aware of the problem and considers it a 'moderate' risk. A spokesperson said the vulnerability is not specific to Android phones but is a Linux issue. Google also said its developers are 'taking appropriate actions'.

Those wanting to know more about the vulnerability should look for CVE-2016-5696. The Linux kernel developers have already released a fix.
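For readers who administer ordinary Linux hosts rather than phones, the following POSIX shell script is an added example (not from the article or from Lookout) that classifies a host as fixed, mitigated, or still exposed to CVE-2016-5696. It assumes, as background the article does not give, that the mainline fix shipped in Linux 4.7 and was backported to older stable series (so the version test is only a heuristic), and that the widely published interim mitigation was raising the `net.ipv4.tcp_challenge_ack_limit` sysctl to a very large value; the 1,000,000 threshold is the example's own choice.

```shell
#!/bin/sh
# Added example: defender-side check for the CVE-2016-5696 challenge-ACK
# side channel. Version threshold (4.7) and limit threshold (1000000) are
# this example's assumptions, not values taken from the article.

# kernel_has_fix VERSION: succeeds if VERSION (e.g. "4.4.0-31-generic")
# is 4.7 or newer. Distro kernels with backports may be fixed anyway.
kernel_has_fix() {
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%[!0-9]*}
    if [ "$major" -gt 4 ]; then return 0; fi
    if [ "$major" -eq 4 ] && [ "$minor" -ge 7 ]; then return 0; fi
    return 1
}

# limit_is_mitigated VALUE: succeeds if the per-second challenge-ACK limit
# is so large that an off-path attacker cannot exhaust it to probe the
# global counter. Non-numeric input counts as not mitigated.
limit_is_mitigated() {
    [ "$1" -ge 1000000 ] 2>/dev/null
}

# assess VERSION LIMIT: prints one of fixed | mitigated | vulnerable.
assess() {
    if kernel_has_fix "$1"; then
        echo fixed
    elif limit_is_mitigated "$2"; then
        echo mitigated
    else
        echo vulnerable
    fi
}

# Live mode: read the running kernel and sysctl on this host.
# If the sysctl is unreadable the limit falls back to 0 (not mitigated).
if [ "${1:-}" = "--live" ]; then
    ver=$(uname -r)
    limit=$(sysctl -n net.ipv4.tcp_challenge_ack_limit 2>/dev/null || echo 0)
    echo "kernel $ver, tcp_challenge_ack_limit=$limit: $(assess "$ver" "$limit")"
fi
```

Run it as `sh check.sh --live` on a host; a result of `vulnerable` means the kernel should be updated or the sysctl raised until it can be.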