- The ‘Dirty Pipe’ vulnerability was initially noticed in the mainstream Linux kernel, and now, smartphones like the Galaxy S22 series and Pixel 6 have also been confirmed to be affected.
- This vulnerability allows hackers to gain complete system-level access and could allow hackers to steal money and intercept WhatsApp messages, among other things.
- It is not clear if Google has patched this vulnerability in its March security update.
Samsung Galaxy S22 series, Pixel 6 smartphones have been confirmed to be impacted by a severe security vulnerability called ‘Dirty Pipe’, allowing hackers and malicious parties to gain system-level access. The vulnerability is in the Linux kernel that is used by
Android, and Google is yet to confirm a fix.
The bug was initially noticed in the mainstream Linux kernel, and since Android also uses the Linux kernel, newer devices running on the affected kernel version have inherited the ‘Dirty Pipe’ vulnerability, too.
Existing smartphones don’t usually get a major kernel update when they get a new Android update, so if your smartphone has received the Android 12 update, it is possible that you are not affected by this bug.
Transform talent with learning that worksCapability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More However, other smartphones which have launched with Android 12 out of the box could be impacted, although the names are not certain yet.
What is the ‘Dirty Pipe’ vulnerability?
The
‘Dirty Pipe’ vulnerability allows hackers and malicious third parties to gain system-level access and subsequently overwrite data in the read-only memory.
According to security researchers, hackers could use this vulnerability to gain full root access – that is, access system files and modify, delete, or overwrite them – apart from reading and manipulating app data.
Essentially, this could mean that hackers would not only be able to read WhatsApp messages, they could also manipulate them. They could intercept SMS, remotely control banking apps and steal money, apart from several other malicious things.
In a proof of concept developed by security researcher Max
Kellerman, the vulnerability is present in the Pixel 6, the latest smartphone from Google.
Samsung’s latest flagship, the Galaxy S22 series, has also been
confirmed as affected by Ars Technica’s Ron Amadeo.
Kellerman reported the ‘Dirty Pipe’ vulnerability to Google in February, and although the March security update has been rolled out, it is unclear if this vulnerability has been fixed as Google has not mentioned anything about it in the changelog.
Thankfully, if your smartphone has not been upgraded to Android 12, you don’t have to worry as this vulnerability affects only Android 12.
SEE ALSO:
Redmi Note 11 Pro, Redmi Note 11 Pro+ and Redmi Watch 2 Lite launched in India
Upcoming smartphones launching in India in March 2022
Carl Pei’s Nothing raises $70 million ahead of its March 23 event – rumoured Nothing smartphone could be officially announced
Next Story
I spent $2,000 for 7 nights in a 179-square-foot room on one of the world's largest cruise ships. Take a look inside my cabin.
Saudi Arabia wants China to help fund its struggling $500 billion Neom megaproject. Investors may not be too excited.
Colon cancer rates are rising in young people. If you have two symptoms you should get a colonoscopy, a GI oncologist says.
JNK India IPO allotment – How to check allotment, GMP, listing date and more
Indian Army unveils selfie point at Hombotingla Pass ahead of 25th anniversary of Kargil Vijay Diwas
IndiGo places order for 30 wide-body A350-900 planes
Markets extend gains for 5th session; Sensex revisits 74k
Top 10 tourist places to visit in Darjeeling in 2024
