Major vulnerability called "Dirty Pipe" found in Android 12 smartphones like the Pixel 6 and Galaxy S22
Ever since the emergence of the infamous Spectre and Meltdown exploits which were found in numerous modern Intel, AMD and ARM processors a few years ago, many users have become quite wary when it comes to dangerous vulnerabilities which could potentially compromise the security of their devices and therefore their private data. Unfortunately, a major exploit called "Dirty Pipe" has now been found in Android 12-based smartphones like the new Samsung Galaxy S22 and Google Pixel 6 series.
To be more precise, the root cause of the "Dirty Pipe" vulnerability is a bug that was introduced with the Linux kernel version 5.8, which apparently is only used by new smartphones that shipped with Android 12, but not by smartphones which have been updated to Android 12 from an earlier Android version. The developer who found the Dirty Pipe exploit is Max Kellermann, who has publicly posted a lengthy report on all the technical details of the vulnerability.
In simple terms, it allows Android applications with the permission to read files to also overwrite data, which consequently could be used to run malicious code. Kellermann has supposedly used a Google Pixel 6 to successfully demonstrate how the "Dirty Pipe" vulnerability can be exploited. Until an according Android security update for affected devices like the Galaxy S22 is released, owners can minimize the associated risks by only installing trustworthy apps from reliable sources.
Buy the factory unlocked Samsung Galaxy S22 smartphone on Amazon
Source(s)
CM4all via 9to5Google, Image: Google