Android smartphones affected by vulnerability in Linux
Attackers can gain unauthorized access to the system through a bug in the kernel of the Linux operating system. The security researcher and developer Max Kellermann warns of this, as the IT magazine “heise online” reports. Accordingly, the vulnerability affects servers, control devices and Android smartphones.
Kellermann found out that the error called dirty pipe occurs when data is sent from different sources to a so-called pipe. Linux developers call a pipe a process in which data is moved over a communication channel.
Attackers could bug the system
Occasionally, the kernel gets confused when processing requests, so that incorrect data is mixed up and output at the end of the channel. In this way, users could gain access rights that they normally do not have. A bug in the system is possible through this unauthorized access.
The problem affects all systems that use Linux from version 5.8. This also includes Android smartphones that use the Linux kernel as a basis. The kernel is the core of an operating system, which serves as an interface between hardware and software.
New kernel versions available
There are now kernel versions that fix the error discovered by Kellermann. Google has also installed a corresponding update in its Android kernel.
Distributors and hardware manufacturers should ensure that their vulnerable systems are updated. For users of Android smartphones, this means looking for a new version of the operating system in the settings if automatic updates are turned off. In some cases this can take a while, because some mobile operators release their own versions of Android for their devices.