Android has a problem. Nothing new there, but this one could prove impossible to fix. Thousands of devices equipped with Snapdragon chips are potentially at risk from hackers, thanks to an apparently undetectable software flaw with a rather catchy name.
CVE-2016-2060 has been described by security firm FireEye as “a lack of input sanitization of the "interface" parameter of the "netd" daemon, a daemon that is part of the Android Open Source Project (AOSP).” And breathe.
Here's the backstory: Qualcomm introduced new APIs in 2011, as part of the Android network manager system service, and in doing so phones were connected to the "netd" daemon, meaning that hackers could get their dirty hands on users’ text messages and phone histories, either through physical access to their unlocked device or by tricking them into installing a dodgy app.
“Any application could interact with this API without triggering any alerts,” reads a rather worrying section in FireEye’s blog post. “Google Play will likely not flag it as malicious, and FireEye Mobile Threat Prevention (MTP) did not initially detect it. It’s hard to believe that any antivirus would flag this threat.”
Phones and tablets running Android Lollipop, KitKat, Jellybean and Ice Cream Sandwich are affected by the problem, though it's understood that the flaw is yet to be exploited. The situation’s even worse for devices running an older version of the OS. Though Qualcomm issued a patch almost immediately and Google rolled out a fix on May 1st, the state of Android fragmentation means that the hole is likely to stick around for most users. [ArsTechnica]