Android apps and mobile phones have been vulnerable to vulnerabilities in the past, and this is still the case today. A new exploit called the Dirty Pipe has been discovered. This exploit allows your app (with the required permissions) to read the file. Can infect malicious programs and take control of the entire system Of vulnerable Android 12 devices. Details are here.
Beware of dirty pipe exploits on Android
Dirty pipe vulnerabilities. CVE-2022-0847 (the number assigned to the Common Vulnerabilities and Exposures) was discovered by Android developer Max Kellerman. He used Pixel 6 to discover a vulnerability and reported it to Google. The Vulnerability due to Linux 5.8Released for Android in 2020. Ars Technica’s Ron Amadeo, this vulnerability only affects new Android 12 devices such as Pixel 6 and Galaxy S22 devices.
So while the Galaxy S22 Ultra may be physically powerful, the device can easily become infected with the vulnerability.it has been Called one of the most severe vulnerabilities Affects Linux-based devices such as Android-based smartphones, Google Home devices, and Chromebooks.
How does the vulnerability work?
Dirty pipes are recommended to affect Linux pipes (to transfer data from an app or process to another process) and pages (small chunks of memory). This bug can exploit pipes and pages, allowing an attacker to modify data or gain complete control over the device. You can read all the technical details here.
Following Kellerman’s report Linux Released fixes for supported devices In the form of 5.16.11, 5.15.25, 5.10.102 last month. after that, Google has also integrated Kellerman’s fix into the Android kernel.. It hasn’t been released to users yet at the time of writing this story. Google recommends that you release a fix for Dirty Pipe with either a special patch update or an April security update.
If you’re worried that your Galaxy S22 or Pixel 6 device is at risk, you can: go to Check settings and kernel version.. Above 5.8, the phone could be exposed to a dirty pipe vulnerability. Fortunately, this exploit has not yet been used by a real attacker. However, researchers have theorized a proof-of-concept example to show how DirtyPipe can be used to easily break into vulnerable devices.
Therefore, if you are using a Pixel 6 device or Galaxy S22 model with a kernel version higher than 5.8, Beware of untrusted apps that require system permissions On the device until Google releases a fix. Also, stay tuned for future updates on this issue in the coming days.
