There is a race condition bug in the Sprite Software backup application installed on at least 40 LG Android devices, a security researcher said.
The vulnerability could end up exploited by a local attacker to execute arbitrary code as the root user.
The issue impacts devices running version 1.3.24 of “spritebud,” the service that performs the backup/restore actions, and version 2.5.4105 of “backup,” the user front end app, said Justin Case of CunningLogic. However, it’s likely that other versions suffer from the issue as well.
The exploit depends on a crafted backup file that allows the attacker to write to, change permission, and change ownership of any file.
LG, Google, and Sprite Software are aware of the vulnerability and a patch for the issue will release soon.