HOME/ Back to list »

Google Denies Linux Kernel Vulnerability Claim From Red Hat, Perception Point

By Lynn Palec / 1453518696
(Photo : Reuters) This year, Google started pushing out its security updates through Nexus devices.

Tech company Red Hat and security company Perception Point recently reported a perceived Linux flaw they claim could affect PCs, servers and up to 66 percent of devices running on the Android platform.

Red Hat and Perception Point claim that the vulnerability directly affects the kernel of the mentioned OS'. This vulnerability could give malicious attackers a way to gain remote code executing and completely take over the device.

On the other hand, Google retorted to issue claiming that they were not given the usual time window in order to fix the flaw before it being released into the public.

Red Hat and Perception Point released the zero-day vulnerability of the Linux kernel on Jan. 19. Google was quick enough to address the issue and released a patch two days later.

Google's Adrian Ludwig addressed the issue and posted on his Google+ account, "Since this issue was released without prior notice to the Android Security Team, we are now investigating the claims made about the significance of this issue to the Android ecosystem. We believe that the number of Android devices affected is significantly smaller than initially reported."

Google added that devices running on Android 5.0 Lollipop and later versions as well as the company's Nexus smartphones are protected with a new layer of security protocol called Android SELinux policy, according to Engadget. This new security measure prevents third-party applications from accessing the code which might open up vulnerability for the system.

With regards to what Red Hat and Perception Point claim, Google said that most devices running on Android 4.4 KitKat and earlier versions of Android do not contain the flawed code which was introduced in the Linux 3.8 kernel. Google also claims that the initial estimate of affected devices were somewhat inaccurate especially when a large portion of older devices were ruled out of the equation.

On the other hand, Google recently released a patch which is a requirement for all Android devices in order to take advantage of the company's latest security protocols. Users of Android-based devices are required to update their gadgets in order to make sure that it has the latest security standards.

Related Stories

Most Recent