
Major Linux kernel vulnerability affects Pixel 6, Galaxy S22, and others

source link: https://www.xda-developers.com/pixel-6-galaxy-s22-linux-kernel-vulnerability-root-android/

Researcher finds Android zero-day vulnerability impacting Google Pixel 6, Samsung Galaxy S22, and more

Android security has come a long way in recent years. Monthly security patches have kept hundreds of threats at bay, while Google Play Protect is there to bar malware from the Play Store. However, there are still cases where rogue actors can exploit vulnerabilities hidden within Android's code for nefarious purposes. Zhenpeng Lin, a security researcher and Northwestern University PhD student, recently discovered such a vulnerability on the Google Pixel 6, and you may be at risk even after installing the latest July 2022 security update.

The vulnerability in question lives in the Android kernel. It gives the attacker arbitrary kernel memory read and write, which in turn yields root privileges and the ability to disable SELinux. With that level of privilege escalation, a malicious actor could tamper with the operating system, neutralize built-in security mechanisms, and do a great deal more harm.


The latest Google Pixel 6 pwned with a 0day in kernel! Achieved arbitrary read/write to escalate privilege and disable SELinux without hijacking control flow. The bug also affects Pixel 6 Pro, other Pixels are not affected 🙂 pic.twitter.com/UsOI3ZbN3L

— Zhenpeng Lin (@Markak_) July 5, 2022

While Lin demonstrated the exploit on the Google Pixel 6, several current-generation Android devices are susceptible to this particular zero-day, including the Google Pixel 6 Pro and the Samsung Galaxy S22 family. According to Lin, the vulnerability affects every Android device running Linux kernel version 5.10, and the upstream Linux kernel is affected as well.

Notably, the precise details of the vulnerability have not been publicly released. Lin is, however, scheduled to present at Black Hat USA 2022 together with two other researchers, Yuhang Wu and Xinyu Xing. According to the abstract of their talk, "Cautious: A New Exploitation Method! No Pipe but as Nasty as Dirty Pipe", the technique is essentially a generalized and more powerful version of the infamous Dirty Pipe vulnerability. Furthermore, it can be extended to achieve container escape on Linux.

Google has already been informed, but we have yet to see a public CVE reference for the vulnerability. Given how Google's security patch cycle works, we might not see this issue addressed until the September patch rolls out. The good news is that this is a local privilege escalation, not a remote code execution (RCE) bug that can be exploited without user interaction: an attacker first needs code running on the device, typically a malicious app the user installed. In our opinion, it makes sense to hold off on installing random apps from untrusted sources until the patch is installed.
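As an added example that is not part of the original article or of Lin's research, the following POSIX shell script turns the two facts the article gives (affected devices run a 5.10 kernel, and the July 2022 security patch level does not contain a fix) into a quick triage check. It reads the kernel release and the `ro.build.version.security_patch` property over `adb` when a device is attached, or takes both values as arguments so it can be run against captured data. The cut-off date and the verdict wording are this example's own assumptions; a "patched" verdict must still be confirmed against the vendor's bulletin once a fix ships.

```shell
#!/bin/sh
# Added example (not from the article or the researcher): triage helper for the
# Pixel 6 / Galaxy S22 kernel bug. Usage:
#   ./triage.sh                       # queries an attached device via adb
#   ./triage.sh <uname -r> <patch>    # e.g. ./triage.sh 5.10.66-android12-9 2022-07-05

kernel_major_minor() {
  # "5.10.66-android12-9-00021-g1234abcd" -> "5.10"
  printf '%s\n' "$1" | sed -E 's/^([0-9]+\.[0-9]+).*/\1/'
}

in_affected_kernel_series() {
  # The article reports the bug affects devices running Linux 5.10.
  [ "$(kernel_major_minor "$1")" = "5.10" ]
}

patch_level_as_number() {
  # Android's ro.build.version.security_patch is YYYY-MM-DD; strip the dashes so
  # the date can be compared as an integer. Prints 0 for a malformed value.
  case "$1" in
    [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) printf '%s\n' "$1" | tr -d '-' ;;
    *) echo 0 ;;
  esac
}

patch_level_after_july_2022() {
  # Assumption of this example: any level up to and including the July 2022
  # bulletin is treated as unpatched, because the article says July does not
  # carry a fix. Later levels are only "possibly patched".
  [ "$(patch_level_as_number "$1")" -gt 20220731 ]
}

triage() {
  # $1 = kernel release, $2 = security patch level.
  # Returns 0 when the device is outside the affected population as the article
  # describes it (or carries a newer patch level), 1 when it should be treated
  # as exposed.
  if ! in_affected_kernel_series "$1"; then
    echo "kernel $1: not in the 5.10 series, not in the reported affected set"
    return 0
  fi
  if patch_level_after_july_2022 "$2"; then
    echo "kernel $1, patch level $2: 5.10 kernel with a post-July-2022 level; confirm against the vendor bulletin"
    return 0
  fi
  echo "kernel $1, patch level $2: 5.10 kernel at or before the July 2022 level; treat as unpatched"
  return 1
}

if [ "$#" -eq 2 ]; then
  triage "$1" "$2"
elif [ "$#" -eq 0 ] && command -v adb >/dev/null 2>&1; then
  # adb output carries CRLF line endings on some hosts; strip the CR.
  triage "$(adb shell uname -r | tr -d '\r')" \
         "$(adb shell getprop ro.build.version.security_patch | tr -d '\r')"
fi
```

The script deliberately answers only the question the article supports (is this a 5.10 kernel still on the July 2022 or an earlier patch level?) and does not try to detect the bug itself, since its details were not public at the time of writing.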


Source: Zhenpeng Lin on Twitter, Black Hat
Via: Mishaal Rahman

