A near decade old security flaw in the Linux kernel that is being exploited by hackers can also affect Android, it has been reported.

Last week Red Hat advised all Linux users to patch the hole as soon as possible, after it found that Dirty COW existed in nearly all versions of the Linux source code for many years.

Privilege Escalation

The name is derived from how the flaw exploits the way the Linux kernel’s memory subsystem handles the copy-on-write (COW) breakage of private read-only memory mappings.

Dirty COW gave hackers the ability to obtain greater access and control over a targeted computer, so called ‘privilege escalation’. Researchers warned last week  Dirty COW occurred in different layers of Linux making it difficult to defend against it using security software.

And given the spread of the open source operating system, the flaw potentially affected a huge number of systems.

And this seems to be the case as Android of course was developed on top of Linux, and this privilege-escalation bug can apparently be used on Android to give hackers root access to a device.

Security researcher David Manouchehri published proof-of-concept code that can exploit Dirty Cow on Android and provide root access on a number of Android devices.

“It’s very easy for someone who’s somewhat familiar with the Android filesystem,” Manouchehri told ArsTechnica. “From what I can tell, in theory it should be able to root every device since Android 1.0. Android 1.0 started on [Linux] kernel [version] 2.6.25, and this exploit has been around since [Linux kernel version] 2.6.22.”

“Successfully got root access on Android 6.0.1 via the DirtyCow exploit (CVE-2016-5195),” Manouchehri tweeted.

Android Security

The discovery that Dirty COW can also be used to exploit Android comes amid continuing security concerns about Android.

Last week for example a study found that a single family of malware accounted for most of the current infections on Android devices.

Mobile security firm Cheetah Mobile examined what it said are the two most prevalent Trojan horses on Android – called com.sms.sys.manager and com.al.alarm.controller – and found they were slightly altered variants of a single family, known as Ghost Push.

Also last week McAfee Labs discovered a variant of the Acecard trojan malware which tricks gullible Android users into posing for a selfie while handing over other personal information.

Earlier this month Google patched a massive 78 Android vulnerabilities with its latest security bulletin for the mobile operating system.

Are you a security pro? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Vodafone Germany Confirms 2,000 Job Losses, Amid European Restructuring

More downsizing at Vodafone after German operation announces 2,000 jobs will be axed, as automation…

14 hours ago

AI Poses ‘Jobs Apocalypse’, Warns Report

IPPR report warns AI could remove almost 8 million jobs in the United Kingdom, with…

15 hours ago

Europe’s Longest Hyperloop Test Track Opens

European Hyperloop Center in the Netherlands seeks to advance futuristic transport technology, despite US setbacks

16 hours ago

NHS Scotland Confirms Clinical Data Published By Ransomware Gang

NHS Dumfries and Galloway condemns ransomware gang for publishing patients clinical data after cyberattack earlier…

18 hours ago

Fewer People Using Twitter After Musk Takeover – Report

Research data suggests fewer people are using Elon Musk's X, but platform insists 250 million…

20 hours ago

Julian Assange Wins Temporary Reprieve For US Extradition Appeal

US assurances required. Julian Assange handed a slender reprieve in fight against his extradition to…

22 hours ago