A vulnerability in the Linux kernel called “Dirty Pipe” puts mobile devices running Android 12 at risk. This also impacts flagship phones such as the Pixel 6 series and potentially the Galaxy S22 series as well. According to reports, the issue affects newer devices on Android 12. Users are advised to update to the latest version of the software, including the security updates, which are released every month. It is not clear if Google’s latest security update fixes the flaw.
Due to the issue, malicious applications and software can gain root-level access to the device and use it to overwrite data on protected read-only files.
What is the Dirty Pipe flaw?
The vulnerability was named after “Dirty Cow”, a similar ‘privilege-escalation’ vulnerability that was discovered and fixed in 2016. Privilege escalation is when unauthorised applications and processes can gain access to a system by exploiting a vulnerability. The “pipe” part of the vulnerability’s nomenclature comes from the fact that it exploits pipes, which are tools used by Linux system processes to communicate with each other. Dirty Pipe is reportedly easier to exploit than Dirty Cow.
Max Kellermann, a security researcher at German web development and hosting company CM4all, initially discovered the vulnerability a year ago when one of the company’s clients raised a support ticket after finding a corrupt file on their system. The researcher discovered the flaw in the course of his research on what caused this file corruption. He was eventually able to reproduce the error on the Google Pixel 6 and sent a bug report to the Android Security Team.
He also sent a patch to LKML (Linux Kernel mailing list) after being advised to do so by multiple developers including Linus Torvalds, the creator of the Linux kernel. Meanwhile, according to Ars Technica’s Ron Amadeo, the bug likely impacts the Galaxy S22 series as well, given it is on the Linux 5.8 kernel which is impacted. Samsung has not yet commented on the issue.
What exactly is the ‘Dirty Pipe’ flaw? How did Kellermann discover it?
When Kellermann first encountered the issue he could not figure out what caused the problem and decided to manually fix the corrupt files. But after that first incident, the same issue started happening with multiple clients, and the number of corrupted files kept growing larger.
After probing the matter further by scanning one client’s hard disk, Kellermann found a pattern: there were multiple corrupt files on the system. After eliminating all other possibilities, Kellermann arrived at an improbable conclusion: the error must be caused by a bug in the Linux kernel.