http://arstechnica.com/security/2016/03/rooting-bug-in-android-opens-nexus-phones-to-permanent-device-compromise/
>Millions of Android phones, including the entire line of Nexus models, are vulnerable to attacks that can execute malicious code and take control of core functions almost permanently, Google officials have warned.
>The officials have already uncovered one unidentified Google Play app that attempted to exploit the vulnerability, although they said they didn't consider the app to be doing so for malicious purposes. They are in the process of releasing a fix, but at the moment any phone that hasn't received a security patch level of March 18 or later is vulnerable. The flaw, which allows apps to gain nearly unfettered "root" access that bypasses the entire Android security model, has its origins in an elevation of privileges vulnerability in the Linux kernel. Linux developers fixed it in April 2014 but never identified it as a security threat.
>For reasons that aren't clear, Android developers failed to patch it even after the flaw received the vulnerability identifier CVE-2015-1805 in February 2015.
Will Android security issues ever cease?
>>53630206
>Will Android security issues ever cease?
Even if they patch it, only people who own a Nexus will get fixes for it anyways because carriers and manufacturers are fucking jews and take a million year to release a patch, I still don't have Marshmallow on my HTC M9
it's not even a remote exploit someone needs to enable common sense in normies
Does this affect Blackberry Priv running grsec kernel?
>>53630206
>The officials have already uncovered one unidentified Google Play app that attempted to exploit the vulnerability, although they said they didn't consider the app to be doing so for malicious purposes
wat
>>53630206
Years ago, at Google HQ
> Hey, let's make a mobile OS
> "Great idea anon! What language shall we use?"
> UHHHH, HUURRR, JAVA?
> "Wow are you a genius!"
>>53630206
>but at the moment any phone that hasn't received a security patch level of March 18 or later is vulnerable.
So basically every nexus after the nexus 4.
Cool, I am safe.
>>53630206
So it's possible to root all the current locked phones now?
>have a Nexus
>don't have to care
No non-trivial piece of software (let alone an entire OS) is bug free
Those bug may then be exploited
/news/
>>53631927
>Millions of Android phones, including the entire line of Nexus models, are vulnerable to attacks
>>53632005
the nexus models will likely be the only ones patched in a timely fashion
>>53632005
And then it goes on to say that the Nexus phones will be patched anyway, so it's a stupid clickbait article, what's your point
>>53632031
>>53632038
Right now they're vulnerable
>>53632084
so is dat ass
>>53630206
Haha, you faggots root your phones for the dumbest shit, and then turn around and blame Google and phone manufacturers for the security risks you created by intentionally breaking your phones.
Just give it up. Fucking babies. You can't have it both ways.
What do normies need to realize that updates are an important thing and they should never buy products from companies which drop support after 1 year?
>>53632152
This has nothing to do with rooting
>The flaw, which allows apps to gain nearly unfettered "root" access that bypasses the entire Android security model
>>53632154
Normies buy iphones or samshit. Am yet to see a Nexus 5X or 6P.
>>53632192
I see heaps of Indians with Nexus phones. Mostly the 5 and 6P.
>>53632152
read the article dumbass
>>53632245
I did. Every point I made is still valid.
>>53632192
I have the 5x now. It's a decent phone and I heard it was easily rootable/ROMable. How true is this?
>>53630206
Are CM version also affected by it? I don't use Google Play Store and I dont want to upgrade to the unstable nightly build
>>53630339
weak
>The vulnerability is present in all Android releases that use Linux kernel versions 3.4, 3.10, and 3.14. That includes all Nexus phones, as well as a large number of handsets marketed under major manufacturer brands. Android releases that use kernel versions 3.18 or higher aren't susceptible.
I-isn't Linux on 4. something now?
>>53632451
Linux kernel is, Android kernel is not. For whatever reason they decide to use old kernels and slap driver code and whatever else on top of them instead of just using a more recent kernel
More root for locked bootloaders. Sounds awesome.
>>53631865
Almost. Some phones like the Note 4 are unrootable because of dm verity which automatically prevents unsigned changes in RAM and disk. This feature has existed since KitKat.
>>53630206
How can I use this to root my phone?
