SOURCE
What you need to know about the CONFIG_KEYS Linux kernel vulnerability
Quote:
What you need to know about the CONFIG_KEYS Linux kernel vulnerability
Quote:
Quote:
Should you be worried?
- The recommended kernel configuration for Android devices does not have the CONFIG_KEYS variable turned on, and that means this exploit will have no effect. The people who made your phone may have enabled it, and custom ROM cookers might have, too.
- All Nexus phones are unaffected - they use the default kernel configuration and the Keyring is not enabled in the kernel.
- SELinux negates the attack vector, so if your phone or tablet is running Android 5.0 or higher, you should be unaffected.
- Most devices not running Android 5.0 or higher will be using an older version of the Linux kernel, and are unaffected.