Smartphone OS vulnerabilities are nothing new, to be honest. They keep seeing the light of day all the time. However, not all of them are scary or threatening but Dirty Pipe might be. Security researchers and Android lovers around the world have decided to look deeper into it, and this vulnerability can actually be used to gain access to your device and for now, the Galaxy S22 and Pixel 6 Pro are prone to this vulnerability.
Avoid Installing Unknown Apps on Your Galaxy S22 or Pixel 6 Pro to Be Safe From Dirty Pipe Vulnerability
Happening to the CVE-2022-0847, there is a vulnerability called Dirty Pipe in the Linux kernel version 5.8 and later. Even though the discovery of this vulnerability happened some time ago, now a Twitter user has demonstrated the exploit implementation around the kernel flaw which can let the attacker gain root shell on the Galaxy S22 and the Google Pixel 6 Pro.
You can look at it in action below.
Dirty Pipe -> kernel r/w+selinux disabled+root shell on Pixel 6 Pro and Sasmsung S22 latest update 🙂 pic.twitter.com/WwhwjLyU5q
— Fire30 (@Fire30_) March 14, 2022
The main thing to worry about here is that you really do need any kind of unlocking or other tricks to make it work. Using the Dirty Pipe exploit, the attacker can easily gain root level access to the Galaxy S22 or the Pixel 6 Pro through a reverse shell through a rogue app that was crafted for this exploit.
While the Dirty Pipe might sound like a useful tool when it comes to the Android modding scene but it can have some terrible uses, too. Thankfully, the exploit has been patched in the latest Linux kernel and you can expect the companies to roll out the fix in the upcoming patches. However, until the update comes out, we would highly suggest that you prevent downloading and installing apps from untrusted sources as they can cause some serious damage to your device without your knowledge.
