A newly discovered vulnerability in the Linux kernel could allow attackers to gain access to millions of Android devices as well as Linux PCs and servers.
Security firm Perception Point found the bug indexed as CVE-2016-0728, which has existed for almost three years since Linux kernel version 3.8 was released in 2013. The company recently developed a proof-of-concept and reported the flaw to developers who maintain the kernel.
The vulnerability could allow people with local access to servers to exploit it and gain complete root access. Similarly, on Android phones running version 4.4 (KitKat) and later, it could allow a malicious app to control underlying OS functions.