Search engine giant, Google has rolled out its Android Security update earlier this month for its Nexus devices. The latest news is that the company is again planning to roll out a mid-month security patch as well after a critical Linux kernel flaw was discovered in a rooting app.
According to the researchers from Zimperium, they found some flaws in a rooting application for the Nexus 5 and the Nexus 6 smartphones last week. However, after confirming the existence of the flaws, it has blocked installation of rooting apps.
"Google has become aware of a rooting application using an unpatched local elevation of privilege vulnerability in the kernel on some Android devices (CVE-2015-1805). For this application to affect a device, the user must first install it. We already block installation of rooting applications that use this vulnerability both within Google Play and outside of Google Play using Verify Apps, and have updated our systems to detect applications that use this specific vulnerability," said the Android Security Advisory page.
As per the Android Security advisor, the Google has released a fix in the AOSP repository for multiple kernel versions. Android partners have been notified of these fixes and are encouraged to apply them. Anyhow, the Android devices using Linux kernel version 3.18 or higher are not vulnerable.