Serious Security Bugs Found In Android Kernel

An analysis of the kernel used in Google’s Android smartphone software has turned up 88 high-risk security flaws that could be used to expose users’ personal information, security firm Coverity said in a report published on Tuesday.

The results, published in the 2010 edition of the Coverity Scan Open Source Integrity Report, are based on an analysis of the Froyo kernel used in HTC’s Droid Incredible handset.

Enterprise fears

The results arrive as Android is increasing its market share and increasingly being used in the enterprise.

While Android implementations vary from device to device, Coverity said the same flaws were likely to exist in other handsets as well. Coverity uncovered a total of 359 bugs, about one-quarter of which were classified as high-risk.

The report analysed a total of 61 million lines of open source code from 291 widely used projects, including Apache, Linux, PHP and Samba.

While Android’s density of bugs per thousand lines of code was lower than the average found in open source software overall, it was higher than that of the Linux kernel, according to Coverity. The company said some of the bugs appeared to be important enough to have been addressed before the code was released.

Fixes demanded

Coverity said it will hold off releasing the details of the flaws until January to allow Google and handset vendors to issue fixes. The flaws could be patched via an over-the-air update, Coverity said.

Canalys reported on Monday that Android now dominates the US smartphone market with a 44 percent share, up from 33 percent in the second quarter of this year.

While the deployment of Android on large numbers of handsets has allowed the software to claw market share away from competitors such as RIM, some have criticised Google’s “hands-off” approach for harming the quality of Android and its applications.

Matthew Broersma

View Comments

  • Searching old article about bug on android and i find this....we need to collect old bug on android to publish
    at my blog, will give you credit as soon as the article publish.

Recent Posts

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

2 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

4 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

5 hours ago

Dutch PM Raises Cyber Espionage Case With China’s Xi

Beijing visit sees Dutch Prime Minister Mark Rutte discuss cyber espionage incident with Chinese President…

6 hours ago

Vodafone Germany Confirms 2,000 Job Losses, Amid European Restructuring

More downsizing at Vodafone after German operation announces 2,000 jobs will be axed, as automation…

22 hours ago

AI Poses ‘Jobs Apocalypse’, Warns Report

IPPR report warns AI could remove almost 8 million jobs in the United Kingdom, with…

23 hours ago