A few days ago, a developer called Max Kellermann discovered a major security flaw in Linux kernel version 5.8. Discovered in 2020, this breach also affects later versions of the kernel. The researcher titled the flaw “Dirty Pipe”. The vulnerability affects all devices with an operating system that relies on a Linux kernel, such as Android smartphones/tablets, Google Home speakers, Chromecasts or Chromebooks.
The flaw allows a malicious app to view all files on your smartphone without first obtaining your consent. Above all, the breach leaves the possibility for a hacker to execute code on your smartphone or tablet. Thanks to these lines of code, it is theoretically possible to take control of your device.
According to Ron Amadeo, journalist at Ars Technica, the quantity of Android devices affected by the flaw is very limited. This is because most Android phones and tablets rely on an older version of the Linux kernel.
Android 12 flaw allows hacking some smartphones including Galaxy S22
“The Dirty Pipe vulnerability is extremely serious in that it allows an attacker to overwrite—temporarily or permanently—files on the system they should not be able to change,” Christoph Hebeisen, head of security research at mobile security provider Lookout, wrote in an email. “Attackers can use this to change the behavior of privileged processes, effectively gaining the capability to execute arbitrary code with extensive system privileges.”
According to his findings, only smartphones released on the market with Android 12 are affected by the vulnerability. Also, among the devices affected, we find the Galaxy S22 range, the Galaxy S21 FE, the Google Pixel 6 / Pixel 6 Pro, the Oppo Find X5, or the Realme 9 Pro+.
In addition, Ron Amadeo discovered the presence of the breach on Android through a Pixel 6. He was able to exploit the vulnerability to execute code and bypass the security measures put in place by Google.
As announced, the breach only affects smartphones released under Android 12 which are based on a version of the Linux kernel older than 5.8. So, to find out if this is the case with your phone, follow the manipulation below:
- Open the Settings app
- Go to About Phone
- Tap Android Version
- Look for Kernel Version
So, for now, there is no indication that hackers have actively exploited the flaw. Alerted by developers, Google has released a patch to protect users. The patch is not yet available to affected phones.
“Given that there are already exploits floating around on Twitter, it’s already too late for people who had existing untrusted users on their system,” Spengler said. “Anyone with an affected kernel version (>= 5.8) should apply the fix ASAP.”