One of the Linux kernel’s main strengths has always been its open-source nature, allowing stakeholders to modify and redistribute as per their requirements. However, the benefit of being open source comes with its fair share of cons, especially if we talk about the existence of unpatched security vulnerabilities and corresponding exploitable situations.
The anomaly was discovered back in April 2021 by Max Kellermann, a security researcher. The vulnerability, dubbed Dirty Pipe, lets software overwrite the system page cache, even for files where apps shouldn’t otherwise have permission. Kellerman determined that despite being already patched in the mainline Linux kernel, the bug could potentially be modified as a privilege-escalation exploit on any device running Linux kernel version 5.8 or higher.
It is only a matter of properly coded malware before this method could gain full control of a vulnerable system by overwriting files as vital as the system’s root password.
Kellerman was also able to reproduce the bug on a Pixel 6 smartphone, and even reached out to let Google know. The company in response prepared a fix and merged it into the Android kernel. For now, it’s just a matter of OEMs needing to incorporate that fixed kernel in future device updates.
This also suggests that a number of recently introduced Android smartphones, including the Samsung Galaxy S22 and the Google Pixel 6, are also vulnerable until their respective OEMs issue the necessary kernel patches.
