A new Linux exploit is affecting some Android 12 devices, including the Google Pixel 6 and Samsung Galaxy S22 series smartphones. The flaw, called “Dirty Pipe” and tracked as CVE-2022-0847, is a security vulnerability present in some recent versions of the Linux kernel. A kernel is the core of an OS that acts as the mediator between apps and the hardware. This means that if users of the mentioned devices allow any Android app to read files on their phone/computer, the app can run malicious code or simply corrupt the file. The vulnerability has already shown its potential to give admin access to a system on the desktop/laptop versions of Linux. The Dirty Pipe exploit can easily allow attackers to take complete control of your device.
How does Dirty Pipe work?
As the name suggests, Dirty Pipe is related to Linux’s concepts of “pipes” and “pages”. The pipes here are used to get data from one app or process to another, while the pages are small bits of your device’s RAM. The Dirty Pipe exploit allows apps to manipulate Linux pipes so that the application can insert its data into a page of memory. This makes it easy for the attacker to either replace the contents of a file that the user is trying to access or even get full control of the user’s system.
Devices that are affected by Dirty Pipe
The Dirty Pipe exploit targets all Linux-powered devices, including Android phones, Chromebooks and even Google Home devices like Chromecast, speakers and displays. To be specific, the bug was introduced in 2020 with Linux kernel version 5.8 and has been present in every device released after that.
The good news is that the damage potential of Dirty Pipe is very limited for Android devices, as most of them use an older version of the Linux kernel that is unaffected by the bug. However, this is not the case for devices that run Android 12 out of the box. So, Android devices like the Google Pixel 6 series and Samsung Galaxy S22 series can be affected by Dirty Pipe. Moreover, the developer who initially discovered the bug reproduced it on a Pixel 6 smartphone and reported it to Google.
How are companies trying to fight Dirty Pipe?
Apart from discovering the “Dirty Pipe” exploit, the developer was also able to fix the vulnerability. The fix was then submitted to the Linux kernel project, and within a couple of days newer versions of the Linux kernel were released with the fix included.
Google’s Android Security Team was notified about the “Dirty Pipe” exploit in February. The fix was soon added to the Android source code to make sure that upcoming builds of the OS are secure from this exploit. The Chrome OS team also picked up the fix, and it is set to roll out as a mid-cycle update to Chrome OS 99.
Google has finally rolled out the May 2022 security patch for Pixel phones and has also released the Android Security Bulletin for the month, which directly mentions the Dirty Pipe exploit. This means that every Android smartphone that installs the May 2022 security update can be assumed to be safe from attackers.
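A defender-side triage of the two criteria given above (kernel 5.8 or newer, and the May 2022 Android security update), as an added example that is not from the original article or from Google. The function names, verdict strings and sample inputs are assumptions, and the patch level is compared by month because the article gives only the month.

```shell
#!/bin/sh
# Dirty Pipe (CVE-2022-0847) exposure triage: added example, not vendor tooling.
# Thresholds come from the article: bug introduced in kernel 5.8; Android fix
# in the May 2022 security update (the article gives the month only).
FIX_MONTH=202205   # assumption: any 2022-05-xx patch level counts as fixed

# kernel_at_least_5_8 RELEASE -> 0 if >= 5.8, 1 if older, 2 if unparsable
kernel_at_least_5_8() {
    rel=${1%%[!0-9.]*}        # "5.10.43-android12-9-gabc" -> "5.10.43"
    case "$rel" in *.*) ;; *) return 2 ;; esac
    major=${rel%%.*}
    rest=${rel#*.}
    minor=${rest%%.*}
    case "$major" in ''|*[!0-9]*) return 2 ;; esac
    case "$minor" in ''|*[!0-9]*) return 2 ;; esac
    [ "$major" -gt 5 ] && return 0
    [ "$major" -eq 5 ] && [ "$minor" -ge 8 ] && return 0
    return 1
}

# dirty_pipe_triage KERNEL_RELEASE [ANDROID_PATCH_LEVEL] -> prints one verdict
dirty_pipe_triage() {
    kernel_at_least_5_8 "$1" && rc=0 || rc=$?
    case "$rc" in
        1) echo "unaffected-kernel"; return 0 ;;
        2) echo "unknown"; return 0 ;;
    esac
    case "${2:-}" in
        "") echo "review" ;;  # no patch level: article names no fixed kernel version
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9])
            ym=${2%-*}                  # "2022-05-05" -> "2022-05"
            ym=${ym%-*}${ym#*-}         # -> "202205"
            if [ "$ym" -ge "$FIX_MONTH" ]; then echo "patched"
            else echo "exposed"; fi ;;
        *) echo "unknown" ;;
    esac
}

# On a device shell:
#   dirty_pipe_triage "$(uname -r)" "$(getprop ro.build.version.security_patch)"
if [ "$#" -gt 0 ]; then dirty_pipe_triage "$@"; fi
```

A "review" verdict means the kernel is in the affected range but no Android patch level was supplied, so the distribution's own advisory has to confirm whether the fix is present.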