Software Integrity Blog


1.4 billion Android devices vulnerable to hijack attacks

Roughly 80 percent of all Android devices contain a Linux vulnerability that affect unencrypted communications and allow attackers to hijack data.

The vulnerability is in the design and implementation of RFC 5961, a relatively new Internet standard. Ironically, it’s intended to prevent certain classes of hacking attacks. The way it is written now, an blind off-path attacks, in which hackers detect when any two parties are communicating over an active transmission control protocol connection. The attackers can then exploit the flaw to shut, down the connection, and inject malicious code or content into unencrypted data streams.

According to Ars Technica researchers said that the Linux flaw appears to have been introduced into Android version 4.4 (aka KitKat) and remains present in all future versions, including the latest developer preview of Android Nougat. That tally is based on the Android install base as reported by statistics provider Statista, and it would mean that about 1.4 billion Android devices, or about 80 percent of users, are vulnerable.

RFC 5961 has not yet been fully implemented in Windows or Mac OS X

Those maintaining the Linux kernel have released a fix, version 4.7, however this patch has yet to be implemented in mainstream Linux. Hence the Android vulnerability.


More by this author