A two-year-old security flaw could give hijackers root access to your Android phone

Google warns that hijackers could get root access to your Android phone from an application using a security flaw that was first discovered two years ago.

Background

The flaw is in the Linux kernel, which Android is built on. It was actually fixed in April 2014, but it wasn’t flagged as a vulnerability at the time. Later, in February 2015, the security implications were discovered, and it subsequently received the identifier CVE-2015-1805. Even so, it wasn’t an issue for Android devices since it wasn’t ported to the Android software.

However, last month the C0RE Team found that hackers could exploit this vulnerability to achieve root on Android devices. A hacker with root access to your device would have superuser privileges, which is more control than you or any third-party app has. They would be able to access and modify all system files.

C0RE notified Google of the exploit, and the company started working on a patch to be included in a future security update. Unfortunately, Google couldn’t work fast enough: Zimperium, the security team that uncovered the Stagefright hack, told Google the exploit was already in use on a Nexus 5 phone.

This was done through an application in the Play Store that has already been blocked. Google actively blocks apps that attempt to achieve root access, but it’s unclear how long the app was in the wild. Google said in a security advisory, “Google has confirmed the existence of a publicly available rooting application that abuses this vulnerability on Nexus 5 and Nexus 6 to provide the device user with root privileges.”

Google classified this issue with a Critical severity rating, but the application in question wasn’t considered malicious. However, the Critical severity rating means that other hackers could use the same exploit to spread malware.

A patch is on the way

Google has already published patches for the flaw in the Android Open Source Project (AOSP) for the 3.4, 3.10 and 3.14 versions of the Android kernel. Versions 3.18 and above aren’t vulnerable.

These patches will be included in the April security update for Nexus devices. That’s the good news. The bad news is that Nexus devices only represent a handful of Android devices. It’s up to the manufacturers to issue patches for all the other Android devices around the world.

How to protect yourself

We know that exploits such as these can be scary, but you’re unlikely to fall victim to this one if you download apps only from Google Play, since Google will block any apps that use the exploit.

If you must install an app from a third party, make sure Verify Apps is turned on. To do this, open Settings, and find Google. Tap on it, followed by Security. Scroll down to the Verify Apps section and make sure that Scan device for security threats is turned on. Now any third-party apps that you install will be scanned for threats. Verify Apps is a good thing to turn on because it will protect you from all other exploits, not just this one.

If you want to find out if your device has received the patch, head into Settings, and tap on About Phone. Find the heading for the Android security patch level. If it’s April 1, 2016 or newer, you’re all set. If not, you can always contact the manufacturer of your phone and find out when the update will take place.
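For anyone checking more than one phone, the same check can be scripted. The following is an added example, not part of the original article: it applies the two facts given above (patch level April 1, 2016 or newer; kernels 3.18 and above not vulnerable). The function names and verdict strings are illustrative, and the optional `--adb` mode assumes `adb` is installed with one authorized device attached.

```shell
#!/bin/sh
# Added example: CVE-2015-1805 triage from the two facts the article gives.
# Function names and verdict strings are illustrative, not from any tool.

# Succeeds if the kernel release (e.g. "3.10.73-g1234567") is 3.18 or newer.
kernel_not_vulnerable() {
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%[!0-9]*}            # digits up to the next separator
    case "$major" in ''|*[!0-9]*) return 1 ;; esac
    [ -n "$minor" ] || return 1
    [ "$major" -gt 3 ] || { [ "$major" -eq 3 ] && [ "$minor" -ge 18 ]; }
}

# Succeeds if the patch level (YYYY-MM-DD) is 2016-04-01 or newer.
# An empty or malformed value is treated as unpatched.
patch_level_ok() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) return 1 ;;
    esac
    rest=${1#*-}
    [ "${1%%-*}${rest%-*}${rest#*-}" -ge 20160401 ]
}

# assess PATCH_LEVEL KERNEL_RELEASE -> prints one verdict word.
assess() {
    if patch_level_ok "$1"; then echo patched
    elif kernel_not_vulnerable "$2"; then echo kernel-not-affected
    else echo needs-update
    fi
}

# Reads both values from an attached device over adb (assumption: one device,
# USB debugging authorized). /proc/version field 3 is the kernel release.
check_device() {
    patch=$(adb shell getprop ro.build.version.security_patch | tr -d '\r')
    kernel=$(adb shell cat /proc/version | awk '{print $3}')
    assess "$patch" "$kernel"
}

if [ "${1:-}" = "--adb" ]; then check_device; fi
```

Both values are reported by the device's own build, so a `patched` verdict is only as trustworthy as the firmware that reports it.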

Robert Nazarian
Former Digital Trends Contributor