Symantec claims Linux exploit ported to Android
SECURITY VENDOR Symantec has warned that a Linux kernel exploit that allows user priviledges to be escalated has been ported to Android.
The Linux kernel CVE-2013-2094 vulnerability was first published on 14 May and affected a number of Linux distributions that used the Linux 2.6.x kernel, including Red Hat Enterprise Linux 6, Ubuntu 12.04 LTS, Debian 6 and Suse Enterprise Linux 11. While Red Hat, Canonical and other distributions have long since issued patches, Symantec claimed that the exploit has been ported to Android.
Google's Android operating system runs on top of the Linux kernel, and while Android 4.2 Jelly Bean uses Linux 3.0, previous versions of Android used Linux 2.6.