Four major security holes in the Qualcomm chips which power modern Android devices have left as many as 900 million users vulnerable to a range of attacks.
According to Israel-based security firm Checkpoint, the flawsâ€"dubbed "Quadrooter"â€"found in the firmware which governs the chips, could allow potential attackers to "trigger privilege escalations for the purpose of gaining root access to a device" using malware which wouldn't require special permissions, allowing it to pass under suspicious users' radars.
http://arstechnica.co.uk/security/2016/08/qualcomm-chip-flaws-expose-900-million-android-devices/
There is an app from Checkpoint that you can install and scan your phone.
https://play.google.com/store/apps/details?id=com.checkpoint.quadrooter