Android 12 flaw leaves smartphones vulnerable to hacking

A few days ago, a developer discovered a major security flaw in Linux kernel version 5.8. The vulnerability affects all devices with an operating system that is based on a Linux kernel, such as smartphones/tablets android, Google Home speakers, Chromecasts or Chromebooks. AND, this Android flaw makes smartphones vulnerable to hacking.

The flaw allows a malicious app to view all files on your smartphone without first obtaining your consent.. In addition, the flaw leaves the possibility for a hacker to execute code on your smartphone or tablet. Thanks to these lines of code, it is theoretically possible to take control of your device.

Android devices vulnerable to hacking

According to Ron Amadeo, journalist at Ars Technica (Via: Gizchina), the number of Android devices affected by the flaw is very limited. This is because most Android phones and tablets are based on an older version of the Linux kernel.

android-12-fail-makes-smartphones-vulnerable-to-hack

Falaha on Android 12 allows you to hack some smartphones including the Galaxy S22

“The Dirty Pipe vulnerability is extremely serious because it allows an attacker to overwrite – temporarily or permanently – files on the system that they should not be able to modify,” wrote Christoph Hebeisen, head of security research at mobile security provider Lookout. “Attackers can use it to modify the behavior of privileged processes, thereby gaining the ability to execute arbitrary code with extended system privileges.”

According to their findings, only smartphones launched on the market with Android 12 are affected by the vulnerability. Additionally, affected devices include the Galaxy S22 series, Galaxy S21 FE, Google Pixel 6/Pixel 6 Pro, Oppo Find X5, and Realme 9 Pro+.

Devices affected by the vulnerability

As announced, the breach only affects smartphones released on Android 12 that are based on a version of the Linux kernel older than 5.8. So, to find out if this is the case for your mobile phone, you just have to open the application settingsgo to about phone, tap android version and find kernel version.

So for now, there is no indication that hackers have actively exploited the flaw. Alerted by developers, Google released a patch to protect users. The patch is not yet available for affected phones. However, it should arrive soon.

“Given that there are already exploits circulating on Twitter, it’s already too late for people who had untrusted users on their systems,” Spengler said. “Anyone with an affected kernel version (>= 5.8) should apply the patch as soon as possible.”

We hope that fixes for this issue will reach all devices as soon as possible.

Via: chalk

Add Comment