The Linux kernel keychain leak caused a stir at the beginning of this week. Not only would make the leak susceptible numerous Linux PCs, smart phones also Android would be sensitive to the leak. In retrospect it all is not too bad and the number of PCs and smartphones which is vulnerable to the leak smaller than initially was thought
.
Adrian Ludwig, Lead Security Engineer of Android, says in his blog many devices running Android 4.4 or earlier do not run the code which kernel is vulnerable: 3.8. “These newer kernel versions are generally not used on older Android devices.”
In addition, devices, where Android 5.0 or higher running, anyway secured thanks to the SELinux (Security-Enhanced Linux) kernel module . This module prevents apps at all may come to the offending code. Ludwig also emphasized that no single Nexus device prone to leak.
These messages are at odds with the reports of Perception Point and Red hat which says that there can be worked around SELinux.
No comments:
Post a Comment