It is not uncommon for vulnerabilities to be identified on mobile devices. After all, software development advances every year. It is natural to find hidden problems. Luckily, dozens of developers and security companies are combing through the code for potential problems. New, a new problem has appeared for Android smartphones. The problem has been dubbed dirty pipe and is essentially a Linux kernel exploit. This exploit allows individuals to insert and overwrite data into read-only processes without root or administrator privileges. This is a serious problem that could allow an application to modify your system elements and extract your data with simple commands.
This vulnerability was previously used to gain temporary root access to Android. However, in the same way, it could allow hackers to inject malware to gain access to the system. Fortunately, the problem is disappearing from smartphones. Well, at least smartphones that receive updates.
Dirty Pipe ends on the Pixel 6 series and some Samsung devices
The dirty pipe issue has been fixed in Linux kernel versions 5.16.11, 5.15.25 and 5.10.102 and in the Android version of the Linux kernel. Unfortunately, the update didn’t come natively with Google’s April 2022 Android security patch. The update may yet come via the May 2022 Android security patch, but some lucky smartphone owners have already received that patch. Google’s Android QPR3 Beta 2 for Pixel 6 and Pixel 6 Pro already comes with a patched version of the kernel. Hopefully the update will reach other devices in the Pixel series as well. Google smartphone owners shouldn’t have to wait long for major fixes.
Apparently, Samsung is the only Android OEM with a fix for its smartphones. The Korean company has recently done a remarkable job of rolling out updates to its smartphones. Now some of them are getting this important security patch. The company’s security bulletin currently mentions patch CVE-2022-0846 and upon closer inspection it appears to fix dirty pipe attacks. Other flagship smartphones are still waiting for an update, like the Xiaomi 12 series, even OnePlus, which was one of the fastest updates, has not released the patch.
It’s up to the manufacturers to release an update patch now. In any case, thanks to the May 2022 security patch, we will see it in the future.
Google has been working to improve the Pixel phone experience. In addition to faster updates and security patches, the company is also collaborating with Ifixit on a self-repair program. It’s worth noting that the company is busy with the upcoming Google I/O and Pixel 6a reveal.