+ Tuesday October 22nd, 2019

Nexus Logo
Google’s monthly security updates will see an additional rollout this month, after Google noted an exploit had been used on a Nexus 5.

The vulnerability – specifically CVE-2015-1805 – was being used by a rooting app, which used a previously reported exploit to gain local elevation of privilege. The vulnerability was scheduled to be patched as part of Google’s regularly scheduled monthly update, but once security researchers at Zimperium showed the exploit had been abused on a Nexus 5, and Google further found it could be used on a Nexus 6, Google moved forward with the mid-month patch.

Google has patched the exploit in AOSP, and shared the patch with partners who can roll the fix out as part of their own update schedule, to unpatched devices running kernel versions 3.4, 3.10 and 3.14, which includes all Nexus devices. Google specifically states that Android devices running Linux kernel 3.18 and above – which includes the newly released Galaxy S7 – are not affected.

The rooting app, as are all apps of this nature, is specifically blocked in Google Play, and the Verify Apps function in Android already detects applications using this specific vulnerability, so it has to be installed specifically to be used.

The fix is available, and Google has advised that ‘Nexus updates are being created and will be released within a few days’.

Source: Google Security Bulletin.
Via: Android Central.

Daniel Tyson  


Dan is a die-hard Android fan. Some might even call him a lunatic. He's been an Android user since Android was a thing, and if there's a phone that's run Android, chances are he owns it (his Nexus collection is second-to-none) or has used it.

Dan's dedication to Ausdroid is without question, and he has represented us at some of the biggest international events in our industry including Google I/O, Mobile World Congress, CES and IFA.

newest oldest most voted
Notify of
Ausdroid Reader

Just about every exploit is one where the user specifically has to go out of their way to install it.

Tony Soprano
Tony Soprano

Pretty much why I don’t worry most of the time. Don’t download dodgy/suss looking applications and 99% of them time you’ll be fine.

Check Also

Google announce Android 10 (Go edition), coming later this season

Not everyone can afford or have access to high-end smartphones, or even mid-range smartphones and …