Home Gadget Galaxy S22 series at risk of a new Linux kernel vulnerability

Galaxy S22 series at risk of a new Linux kernel vulnerability

0

A security researcher recently discovered a new zero-day vulnerability in the Linux kernel, and it seems to put even Android devices that received the July 2022 security patch at risk. The Google Pixel 6 and Galaxy S22 series are confirmed to be vulnerable.

In fact, this as-yet-unnamed vulnerability opens an attack vector on any Android device running the Linux kernel version 5.10. This vulnerability was demonstrated by Zhenpeng Lin on Twitter using the Pixel 6 in a short presentation entitled and. “Attention: New Exploitation Method! No tube, but as disgusting as a dirty tube.’

This new vulnerability, affecting Android devices running Linux kernel version 5.10, could allow an attacker to gain arbitrary read and write access, root privileges and SELinux privileges. Compared to vulnerability dirty pipefixed with the latest security patches.

Fortunately, this new zero-day vulnerability does not allow remote code execution (RCE). In other words, it requires user interaction which means installing malware designed to exploit this vulnerability, so in theory it can be avoided easily and with some care.

A security researcher has informed Google and a security patch is available. Note that the July 2022 security patch is rolling out and may not fix this issue. Galaxy S22 customers will have to wait for an August or later security update to fully guard against this new attack vector. We will keep you updated.

Users of Samsung Galaxy devices, “Settings“, going “About the phone” and touch “Software Information”. Source

Source: Port Altele

NO COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Exit mobile version