Linus Torvalds, founder of the Linux system, said that no system is secure , even Linux itself is vulnerable to vulnerabilities and dangerous ones, such as those that were discovered recently and exist in the kernel of the system three years ago.
The security company Insight Point discovered the vulnerability, which has the official name CVE-2016-0728 and has been in the Linux kernel since version 3.8 that was released in 2013.
According to the company, the vulnerability requires physical access to the device that uses the Linux system, whether it is a personal computer, server, Android phones, and others. The vulnerability can be exploited to obtain full root privileges, which means complete control of the device and thus install malicious applications and control the functions of the system itself.
This vulnerability affects about 66% of the various Android devices that run on Android KitKat version 4.4 and earlier, and it constitutes the majority of devices in the market nowadays, and its number reaches more than 900 million devices out of about 1.4 billion Android devices.
Of course, the number of other affected devices is less, but there are still tens of millions of personal computers running the Linux system in its various distributions, and even servers that use Linux as the most stable one is affected by the vulnerability.
What is reassuring is that the vulnerability has not been widely exploited so far, and despite its presence in the Linux kernel three years ago, and none of the volunteer developers were able to discover it, and as long as it is discovered now, companies will work to issue a security update to fill the hole and the fastest will be Nexus devices, of course, and this comes within the framework of Monthly security updates crusade sent by companies.