A bug discovered in the Linux kernel also affects Android, and can open the door to dangerous viruses.
“Dirty Pipe” is the name that several specialized cybersecurity researchers have given to a bug discovered in the Linux kernel. And, since Android uses such a kernel, the bug also seems to affect Google’s operating system.
The software engineer Max Kellerman has explained in detail what this bug consists of, and how its presence in Android could open the door to the appearance of malware on recent Android deviceslike the Pixel 6 and Pixel 6 Pro.
A bug in the Linux kernel allows you to take full control of some Android devices
According to Kellerman, Dirty Pipe was discovered after finding some Files of log corrupt generated by the Linux kernel. Apparently the bug was discovered in 2020. By “exploiting” this vulnerability, the engineer was able to overwrite the system’s page cache, even for files that applications should not have permission to.
This is a particularly serious vulnerability, because if it falls into the wrong hands, malware capable of taking complete control of a Linux-based system could be developedbeing able to even overwrite sensitive system files.
Since Android and Linux share a kernel, the engineer was able to take advantage of the bug on a Google Pixel 6 to inject malware and take full control of the device’s system. After doing so, he informed the Android security team, which developed a patch to later integrate it into the Android kernel code.
It is necessary to indicate that only those devices with a Linux kernel version between a5.8 and 5.16 would be affected by a vulnerability. Some apps to know the components of our device allow us to know what kernel version our device runs. One of them is Inware.
Related topics: Android
Sign up for Disney + for 8.99 euros and without permanence