Date: 2019-10-06

Google's Project Zero researchers recently discovered a new zero-day vulnerability in the Android operating system that would allow hackers to gain full access to at least eighteen Android smartphones, including models from Samsung, Google, and Xiaomi.

The bug is a kernel privilege escalation that relies on a use-after-free vulnerability, and it was allegedly being used or sold by the NSO Group, an Israel-based cyber-intelligence firm, Google security researcher Maddie Stone wrote in a post, citing the Threat Analysis Group (TAG) and external parties. The vulnerability is exploitable in two ways:

via untrusted or malicious apps, or

via web

According to Maddie's post, "the bug is a local privilege escalation vulnerability that allows for a full compromise of a vulnerable device. If the exploit is delivered via the Web, it only needs to be paired with a renderer exploit, as this vulnerability is accessible through the sandbox."

Here is the list of vulnerable devices:

Google Pixel 1

Google Pixel 2 with Android 9 and Android 10 preview

Huawei P20

Xiaomi Redmi 5A

Xiaomi Redmi Note 5

Xiaomi A1

Oppo A3

Moto Z3

Oreo LG phones

Samsung Galaxy S7, Galaxy S8, Galaxy S9

"This issue was patched in Dec 2017 in the 4.14 LTS kernel, AOSP android 3.18 kernel, AOSP android 4.4 kernel, and AOSP android 4.9 kernel versions, but the Pixel 2 with most recent security bulletin is still vulnerable based on source code review," Maddie's post further added.

"This issue is rated as High severity on Android and by itself requires installation of a malicious application for potential exploitation. Any other vectors, such as via a web browser, require chaining with an additional exploit. We have notified Android partners and the patch is available on the Android Common Kernel. Pixel 3 and 3a devices are not vulnerable while Pixel 1 and 2 devices will be receiving updates for this issue as part of the October update," Android said in response to the vulnerability identified by the Project Zero team.