A bug that was first found in version 3.6 of the Linux OS kernel (released in 2012) allows attackers to terminate a device’s connections to servers and applications. It could also be exploited to spy on unencrypted traffic or inject malware into the user’s data stream.
The security flaw, which was noted by security firm Lookout on its blog, is worrying because it’s also present in Android KitKat 4.4 and later versions. That means that 80 percent of all Android devices, or about 1.4 billion of them, are affected and vulnerable to attacks.
There’s good news and bad news. The bad news is that this enables a hacker to eavesdrop on your communications without having to compromise the network to do so, i.e. initiate a man-in-the-middle-attack.
The good news is that the flaw isn’t exactly easy to exploit; it’d take almost a minute to attack a single user, and so it wouldn’t be practical to use this for large swathes of people. However, it’s suitable for targeted attacks on individuals.
Plus, Google told Ars Technica that company engineers are already aware of the flaw and are “taking the appropriate actions.” Vulnerability CVE-2016-5696 has already been patched in the Linux kernel, and it’s likely that a fix for Android will arrive soon.