Notebookcheck Logo

Major vulnerability called "Dirty Pipe" found in Android 12 smartphones like the Pixel 6 and Galaxy S22

Besides the Pixel 6, the Samsung Galaxy S22 also appears to be affected by the "Dirty Pipe" vulnerability (Image: Google)
Besides the Pixel 6, the Samsung Galaxy S22 also appears to be affected by the "Dirty Pipe" vulnerability (Image: Google)
The recently discovered exploit could allow malicious applications to take full control of Android 12 devices like the Galaxy S22 and Pixel 6 series of smartphones, even though there are no reports that attackers have already started using the Dirty Pipe vulnerability.

Ever since the emergence of the infamous Spectre and Meltdown exploits which were found in numerous modern Intel, AMD and ARM processors a few years ago, many users have become quite wary when it comes to dangerous vulnerabilities which could potentially compromise the security of their devices and therefore their private data. Unfortunately, a major exploit called "Dirty Pipe" has now been found in Android 12-based smartphones like the new Samsung Galaxy S22 and Google Pixel 6 series.

To be more precise, the root cause of the "Dirty Pipe" vulnerability is a bug that was introduced with the Linux kernel version 5.8, which apparently is only used by new smartphones that shipped with Android 12, but not by smartphones which have been updated to Android 12 from an earlier Android version. The developer who found the Dirty Pipe exploit is Max Kellermann, who has publicly posted a lengthy report on all the technical details of the vulnerability.

In simple terms, it allows Android applications with the permission to read files to also overwrite data, which consequently could be used to run malicious code. Kellermann has supposedly used a Google Pixel 6 to successfully demonstrate how the "Dirty Pipe" vulnerability can be exploited. Until an according Android security update for affected devices like the Galaxy S22 is released, owners can minimize the associated risks by only installing trustworthy apps from reliable sources.

Buy the factory unlocked Samsung Galaxy S22 smartphone on Amazon

Source(s)

CM4all via 9to5Google, Image: Google

static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2022 03 > Major vulnerability called "Dirty Pipe" found in Android 12 smartphones like the Pixel 6 and Galaxy S22
Enrico Frahn, 2022-03-10 (Update: 2022-03-10)