Reviews

Déjà vu: Another serious vulnerability discovered in Pixel 6 and Galaxy S22

Written by admin

Kernel security expert Zhenpeng Lin has discovered a flaw in the Pixel 6 that could give read/write permissions to bad actors and allow them to disable the Security-Enhanced Linux (SELinux) architecture, giving administrators more control over who can access it. has a certain system.

The bug influences all handsets based on Linux-Kernel version 5.10, including the Pixel 6 Pro and the Galaxy S22 series. The list may also include other recent devices launched with Android 12.

Lin showed the bug in action on Twitter. Android police reports that Google was informed about this after the video was posted on Twitter. However, this is unlikely to take away from his chances of a payout from the Mountain View giant as he has not disclosed full instructions for how the vulnerability works.

Apparently, an attacker could use some sort of memory access exploit to do damage. This is comparable to how the Dirty Pipe vulnerability hit the Galaxy S22 and Pixel 6 that were released with Linux Kernel versions 5.8.

Lin thinks the video is only a proof of concept and has been published to warn end users before the problem is solved. He did not say what users should do to protect themselves.

Google and Samsung have not yet talked about the problem, so it’s hard to say when it is possible. Android police believes that, given how things work, a solution could come in September. It is free to act faster and to release a solution for Google, which Samsung did with Dirty Pipe.

About the author

admin

Leave a Comment