Android users should be aware of this new security risk. Here’s how to fix it


Android devices have flown under the radar again and appear to be exposed to a new type of vulnerability that could give attackers complete control over the Android device. Initially spotted by security researcher Max Kellerman last month, the very serious security flaw was initially discovered in the Linux kernel. Since Android uses the Linux kernel as its core, the vulnerability has impacted some Android 12 devices, including the Samsung Galaxy S22 series as well as Google Pixel 6 phones.

What is this security risk?

It has been identified as “CVE-2022-0847” and dubbed “Dirty Pipe,” according to Kellerman’s blog. The Dirty Pipe vulnerability in Linux allows attackers to execute malicious code capable of a host of destructive actions, including installing backdoors into the system, injecting code into scripts, modifying binaries used by elevated programs and the creation of unauthorized user profiles. Kellerman’s blog post noted that the Linux Kernel 5.8 vulnerability allowed “data to be overwritten in arbitrary read-only files”. Since Android is built on the Linux kernel (kernel) operating system, the vulnerability threatens any device running Android, such as smartphones. , smart speakers, televisions, etc.

Here’s how to fix it

Since this security risk resides in a fundamental element of the Linux kernel, it can have major repercussions across the world. The ease of exploitation coupled with its scope makes Dirty Pipe a major threat to all Linux maintainers. So, the best course of action against Dirty Pipe would be to update your systems with the latest security updates.

The vulnerability was first reported by Max Kellerman of CM4all and a patch mitigating the threat on kernel versions 5.10.102, 5.15.25 and 5.16.11 was released by the Linux Kernel Security Team this month. last. Following this, Google patched the flaw in Android. If you’ve kept your Linux machines up to date, you should be safe and sound.

Meanwhile, in a related development, Samsung has also promised to release security updates for its Android 12-based Galaxy devices to address the “Dirty Pipe” vulnerability.

“We have already worked to develop security patches on Android 12 Galaxy devices and will soon release security updates to address the issue,” the company said. “We recommend that all users keep their devices updated with the latest software to ensure the highest level of protection possible,” he said.

To subscribe to Mint Bulletins

* Enter a valid email address

* Thank you for subscribing to our newsletter.

Never miss a story! Stay connected and informed with Mint. Download our app now!!


About Author

Comments are closed.