A new zero-day vulnerability affecting Android devices has been discovered by a Northwestern University security researcher.
This vulnerability affects Android devices running Linux kernel v5.10, which includes currently popular smartphones such as the Samsung Galaxy S22 and the Google Pixel 6. The threat is not limited to these models, however: any Android device running that kernel version can be impacted.
While Google is always looking to improve its security features and constantly releases patches meant to protect users from various threats, the number of vulnerabilities affecting devices has increased lately.
This newly discovered weakness can give an attacker arbitrary read and write access on Android devices, allowing them to tamper with the operating system and potentially disable its security features.
Android Central reported that the vulnerability was discovered by a Ph.D. student at Northwestern University, Zhenpeng Lin, who specializes in kernel security. According to the online publication, Lin also stated on his Twitter account that the “vulnerability is not limited to just phones.” Furthermore, the Android devices that are updated with the latest security patches are also at risk of being affected by this zero-day vulnerability.
Lin is expected to share more information on this subject at Black Hat USA 2022, an internationally recognized cybersecurity event that will take place in Las Vegas between the 10th and 11th of August. At the event, Lin and two other security researchers will host a briefing on another Linux kernel vulnerability. The briefing is entitled "Cautious: A New Exploitation Method! No Pipe but as Nasty as Dirty Pipe", and its description, published on the official website of the event, explains that:
"Dirty pipe is the name given to the CVE-2022-0847 vulnerability, present in Linux kernel versions 5.8 and later. It is considered a very serious vulnerability found in the Linux kernel recently, partially because it gives a bad actor the ability to escalate privilege, but more importantly, its exploitation has no headache in dealing with kernel address randomization and pointer integrity check. With this capability, the exploit built on top of the dirty pipe could be easily used for all versions of kernel affected without even modification."