Researcher uses Dirty Pipe exploit to fully root a Pixel 6 Pro and Samsung S22

Researcher uses Dirty Pipe exploit to fully root a Pixel 6 Pro and Samsung S22

2 years ago
Anonymous $jukOC22bR_

https://arstechnica.com/information-technology/2022/03/researcher-uses-dirty-pipe-exploit-to-fully-root-a-pixel-6-pro-and-samsung-s22/

A researcher has successfully used the critical Dirty Pipe vulnerability in Linux to fully root two models of Android phones—a Pixel 6 Pro and Samsung S22—in a hack that demonstrates the power of exploiting the newly discovered OS flaw.

The researcher chose those two handset models for a good reason: They are two of the few—if not the only—devices known to run Android version 5.10.43, the only release of Google's mobile OS that's vulnerable to Dirty Pipe. Because the LPE, or local privilege escalation, vulnerability wasn't introduced until the recently released version 5.8 of the Linux kernel, the universe of exploitable devices—whether mobile, Internet of Things, or servers and desktops—is relatively small.

Researcher uses Dirty Pipe exploit to fully root a Pixel 6 Pro and Samsung S22

Mar 15, 2022, 9:38pm UTC
https://arstechnica.com/information-technology/2022/03/researcher-uses-dirty-pipe-exploit-to-fully-root-a-pixel-6-pro-and-samsung-s22/ > A researcher has successfully used the critical Dirty Pipe vulnerability in Linux to fully root two models of Android phones—a Pixel 6 Pro and Samsung S22—in a hack that demonstrates the power of exploiting the newly discovered OS flaw. > The researcher chose those two handset models for a good reason: They are two of the few—if not the only—devices known to run Android version 5.10.43, the only release of Google's mobile OS that's vulnerable to Dirty Pipe. Because the LPE, or local privilege escalation, vulnerability wasn't introduced until the recently released version 5.8 of the Linux kernel, the universe of exploitable devices—whether mobile, Internet of Things, or servers and desktops—is relatively small.