A few days ago, a developer named Max Kellermann discovered a major vulnerability in the software. Linux kernel version 5.8. Introduced in 2020, this breach also affects later versions of the kernel. The researcher named the flaw “Dirty Pipe”.
The vulnerability affects all devices with an operating system based on a Linux kernel, such as: Android smartphones/tablets, Google Home speakers, Chromecasts and even Chromebooks.
The flaw jeopardizes smartphones released under Android 12
The flaw is a malicious application see all files of your smartphone without your prior consent. First of all, the breach allows an experienced hacker to execute code on your smartphone or tablet. Thanks to these lines of code, it is theoretically possible to take control of your terminal.
According to Ars Technica journalist Ron Amadeo, the number of Android devices affected by the flaw is very limited. This is because most Android phones and tablets An earlier version of the Linux kernel.
According to his findings, only smartphones released under Android 12 are affected by the vulnerability. Affected terminals include Galaxy S22 series, Galaxy S21 FE, Google Pixel 6 / Pixel 6 Pro, Oppo Find X5 or Realme 9 Pro +.
Ron Amadeo discovered the existence of the breach on Android via a Pixel 6. It was able to exploit the vulnerability to execute code and bypass security measures implemented by Google.
How do you know if your Android smartphone is affected?
As explained, the breach only affects smartphones released under Android 12 based on a Linux kernel version older than 5.8. To find out if this is the case on your phone, follow the manipulation below:
- open app Settings
- enter inside about the phone
- press on Android version
- Call kernel version
For now, there is no indication that hackers are actively exploiting the flaw. Warned by the developers, Google released a fix to protect users. The patch has not yet been deployed to the affected phones.
Source: Max Kellerman
