Google is launching a mid-month security update for Nexus smartphones because of the recently discovered flaw in the Linux kernel. This flaw can be used to root the Google Nexus 5 and Nexus 6. The exploitable flaw has raised alarms at Google and is being regarded as a severe issue. The fault came to light after Google discovered that a rooting application was using an “unpatched local elevation of privilege vulnerability in the kernel”. This meant that malicious applications now had the ability to modify the code within the software. In case someone were to exploit the vulnerability, the only way to fix the smartphone would be to re-flash the entire operating system. Due to this Google’s Android partners and AOSP have received the security update.
Currently, Google’s verification apps have been preventing the rooting apps that exploit the flaw, from being installed in the smartphones from Google Play Store or other various stores. Android devices using Linux Kernel version 3.18 or higher have not been affected. According to the Android Security Advisory, all unpatched Android devices on kernel versions 3.4, 3.10 and 3.14 are vulnerable to this exploit.
There are very low chances of your Android phone being exploited because Google Play Store doesn’t offer such rooting apps and, also because of the Google Verify apps that prevent such apps from being installed from any app store. Still, the Google Nexus smartphones will soon get the updates. In order to ensure full protection, we advise you to install this update as soon as it is available to the public.