Déjà vu: Another serious security vulnerability discovered in Pixel 6 and Galaxy S22
It was only in May that Google rolled out a fix for the Dirty Pipe Linux vulnerability, which could have let malicious apps gain full system control. Some of the best recent Android phones, including the Google Pixel 6 duo, the Samsung Galaxy S22 family, and the Xiaomi 12 Pro, were affected. Another serious vulnerability has now been discovered, and it again puts the Pixel 6 and Galaxy S22 at risk.
Kernel security expert Zhenpeng Lin has discovered a flaw in the Pixel 6 that could give bad actors arbitrary read/write privileges and allow them to disable Security-Enhanced Linux (SELinux), the mandatory access control architecture that gives administrators finer control over which processes and users can access a given part of the system.
The bug affects all handsets based on Linux kernel version 5.10, including the Pixel 6 Pro and the Galaxy S22 range. The list may also include other recent devices that launched with Android 12.
One more thing: all phones based on kernel v5.10 are affected, including Samsung S22
— Zhenpeng Lin (@Markak_) July 6, 2022
Lin has shown the bug in action on Twitter. Android Police reports that Google was informed about it only after the video was posted. This is unlikely to hurt his chances of a payout from the Mountain View giant, though, because he did not disclose the full set of steps needed to exploit the vulnerability.
Apparently, an attacker could use some form of memory access exploit to gain these privileges. This is similar to how the Dirty Pipe vulnerability affected the Galaxy S22 and Pixel 6, which were released with Linux kernel version 5.8.
Lin says the video is just a proof of concept and was published to warn end users before the problem is fixed. He hasn't said what users should do to protect themselves.
Google and Samsung have yet to comment on the issue, so it's hard to say when it might be patched. Android Police believes that, given how the monthly security update cycle works, a fix could arrive in September. Other vendors are free to act faster and issue a fix before Google, which is what Samsung did with Dirty Pipe.