A privilege escalation vulnerability affecting phones running Android 8.x and later is being leveraged by attackers in the wild, Google has revealed.
Interestingly enough, the flaw was patched in late 2017 in v4.14 of the Linux kernel and in Android versions 3.18, 4.4, and 4.9, but the fix was apparently never propagated to later Android versions.
Who’s affected?
Maddie Stone, a Senior Security Engineer on the Android Security team at Google, revealed that a number of Android devices are affected/vulnerable, including Pixel 2 with Android 9 and Android 10 and the following ones with Android 8.x:
Huawei P20
Xiaomi Redmi 5A
Xiaomi Redmi Note 5
Xiaomi A1
Oppo A3
Moto Z3
Oreo LG phones
Samsung S7, S8, S9
The list might not be exhaustive, as it was compiled based on source code review. St ..
Support the originator by clicking the read the rest link below.
