Recently Google has detected a new weakness in the Kernel code of its Android OS which is affecting not only Pixel Smartphones but also Xiaomi, Samsung, Huawei etc. The bug has been named “Zero-Day Exploit” by Google, as they say examples of it have only been found to be used in the real world.
An Israeli company called NSO Group, also known for making Mobile Spyware Pegasus, has taken advantage of this weakness. Google itself has published proof of this weakness of Android OS for the users, so that the user can check that it is not affected by any other smartphone.
According to the report, this weakness can be exploited when Target installs one of the Malicious App and can be used to obtain Root Access of any device. One post stated that “this is a Kernel Privilege Escalation, which uses Use-After-Free Vulnerability and it can easily access inside the Chrome Sandbox”.
Google says that all the Google Android Partners have been informed about this weakness by them and also made Patch available on Android Common Kernel. For Pixel and Pixel 2 users, the October security update will provide Patch for this Exploit, while Pixel 3 users are not threatened by it.
In the list of devices affected by this bug, Pixel, Pixel XL, Pixel 2, Pixel 2 XL, Huawei P20, Redmi 5A, Redmi Note 5, Mi A1, Oppo A3, Moto Z3, Oreo LG Phone, Samsung Galaxy S7, Samsung Galaxy S8, and Samsung Galaxy S9 etc.