The recent discovery of a security hole in the Linux kernel is making many Android users uneasy. Countless devices are potentially affected and unsafe. This includes newer Android phones, with two major flagship models appearing to be particularly affected.
- A new vulnerability called “Dirty Pipe” has been discovered in the Linux kernel
- Apparently, the vulnerability has existed since 2020
- Mainly affects newer smartphones launched with Android 12
The “new” exploit was discovered by Max Kellerman, who was also able to demonstrate the vulnerability on a Pixel 6 and contacted Google. The so-called “dirty pipe” exploit allows apps that can read your files to execute malicious code, potentially giving the attacker full control of your device.
Which Android 12 devices are affected?
The exploit can pose a threat to devices running Linux kernel 5.8 and later. On Android, these devices mainly include newer Android 12 models like the Google Pixel 6 and the Samsung Galaxy S22 series. With over 1.02 million pre-orders for this series alone, we can assume that the total number of affected devices is huge.
Kernel versions are not the same for all Android 12 devices, even if they run on similar patches. So before you worry, we recommend that you check the kernel version.
With a quick check, we were also able to confirm that the Samsung Galaxy Tab S8 Plus may also be affected. On the other hand, Oppo Find X5, which also runs Android 12, runs kernel version 5.4.86. At least there you are safe from vulnerability.
If you want to know if your device is vulnerable, go to settings and search nucleus. If your version number is higher than 5.8, you need to be a little more careful about the apps you download. At least until Google releases a patch for the bug.
Google is working on bug fixes, until then you can do the following:
According to Max Kellerman’s page, Google has been aware of the issue since February 22 and has implemented its bug fix into the Android kernel. Noisy 9to5Google For example, the most recent security patches for Google and Samsung smartphones do not mention the vulnerability in their patch notes, so we cannot be sure if it has been adequately addressed.
Fortunately, no major attacks exploiting the vulnerability have yet been discovered. However, since the vulnerability has been public knowledge for about a month, it can be assumed that malicious parties are already working on ways to exploit the vulnerability.
We recommend all owners of devices with kernel versions higher than 5.8 to be a little more careful about the applications they download. One way to verify the permissions an app needs before downloading is with the Exodus security platform, which runs a test of app permissions and data collection code.
Last but not least, we recommend all users to keep their devices up to date. To check for updates, go to Settings > About device.
What are you saying? Do you own one of the affected devices and, if so, which one?