There’s a new Linux vulnerability out there that could give attackers full of control of your Android smartphone.
However, the exploit goes beyond just Android phones — it potentially impacts anything running Linux, including Android phones, Chromebooks, smart home devices, and more.
Although it sounds dire, it’s worth keeping in mind that most people don’t need to panic. For one, the issue has already been patched (although the fix may not have reached your devices yet). The exploit also only impacts some newer Android phones, such as the Pixel 6 series and the Galaxy S22 series (more on that below, along with a way to check if your device is affected).
The exploit, dubbed ‘Dirty Pipe,’ impacts the Linux kernel. The kernel is the core of an operating system and typically acts as an interface between apps and hardware. Because of that, any app that can read files on your device can potentially use the exploit to mess around with files, run malicious code, or gain administrator privileges. Ultimately, attackers could use the exploit to take over a device.
Max Kellermann discovered Dirty Pipe, but also found a way to fix it and already submitted the fix to the Linux kernel project. Additionally, Dirty Pipe was reported to Google’s Android Security team, who introduced the fix to the Android source code. Similarly, the Chrome OS team seems to have a patch poised to roll out in a mid-cycle update to Chrome OS 99. In other words, the Dirty Pipe fix is ready, it just might not have hit your phone or laptop yet.
How to check if my phone/laptop is at risk
Thankfully, checking whether your device could be exploited using Dirty Pipe is fairly easy. We’ve included instructions below:
- Android: Open Settings > About phone > Android version > Look for Kernel version. If the number is 5.8 or higher, your device is potentially at risk.
- Chrome OS: Open a new tab > Type ‘chrome://system’ in the address bar > Scroll to ‘uname’ > Look for the ‘Linux localhost’ text and check if the number is higher than 5.8.
In both cases, the number represents the Linux kernel version. Dirty Pipe was introduced in Linux kernel version 5.8 back in 2020, but the exploit wasn’t found until recently. If your device has kernel version 5.8 or higher, it’s potentially at risk for Dirty Pipe (unless you’ve received a patch for it already).
Most Android phones use an older version of the Linux kernel and likely won’t be impacted. However, as mentioned above, the Pixel 6 series and the Galaxy S22 series are impacted. 9to5Google noted that Android devices that launched with Android 12 have a chance of being impacted.
How to protect yourself from Dirty Pipe
Although there are no known instances of attackers using Dirty Pipe to gain control of phones or computers yet, it’s likely only a matter of time before it starts to happen. The best thing you can do to protect yourself is to make sure your devices are up to date.
As mentioned up top, there are already Android and Chrome OS patches, but they haven’t rolled out yet. Hopefully, they roll out soon — keep an eye out for new security patches and make sure to install them right away.
In the meantime, 9to5 suggests only running apps that you trust on your device. Moreover, it may be a good idea to avoid installing new apps until the patch is made available.
Source: Max Kellermann Via: 9to5Google
