"Researcher Uses Dirty Pipe Exploit to Fully Root a Pixel 6 Pro and Samsung S22"

A security researcher was able to root a Pixel 6 Pro and a Samsung S22, two models of Android phones, by exploiting the newly discovered critical Dirty Pipe vulnerability in Linux. The researcher chose the two handset models because they are known to run Android version 5.10.43, which is the only release of Google's mobile OS discovered to be vulnerable to Dirty Pipe. Since the Local Privilege Escalation (LPE) vulnerability was not introduced until the recently released version 5.8 of the Linux kernel, the universe of exploitable devices, including mobile devices, Internet of Things devices, servers, and desktops, is relatively small. However, Dirty Pipe provides a platform for hackers to bypass normal security controls and gain full root control over devices that do package impacted Linux kernel versions. From there, a malicious app could secretly steal sensitive data such as authentication credentials, photos, files, messages, and more. SELinux and sandboxing are security mechanisms used in Android, and they often make exploits difficult or impossible. Despite the implementation of these security mechanisms, the Android root shows that Dirty Pipe is a possible attack vector against vulnerable devices. In a video demonstration, the researcher ran a custom-built app on a Pixel 6 Pro and a Samsung S22. In seconds, a reverse shell that gives full root access opened on a computer connected to the same Wi-Fi network. The researcher was then able to evade most security protections built into Android. This article continues to discuss the demonstrated use of the Dirty Pipe Linux kernel root vulnerability to gain root shell access on a Pixel 6 Pro and Samsung S22.

Ars Technica reports "Researcher Uses Dirty Pipe Exploit to Fully Root a Pixel 6 Pro and Samsung S22"
