A security researcher recently uncovered a new zero-day vulnerability in the Linux kernel that appears to also compromise Android devices that received the July 2022 security patch. The Google Pixel 6 series has been confirmed to be affected as well as the Galaxy S22 series.
The discovered vulnerability does not even have a name yet. However, this seems to be able to cause problems on all Android devices with the Linux kernel version 5.10. The vulnerability could allow an attacker to gain arbitrary read and write access, root privileges and authority over SELinux.
The latest Google Pixel 6 pwned with a 0day in kernel! Achieved arbitrary read/write to escalate privilege and disable SELinux without hijacking control flow. The bug also affects Pixel 6 Pro, other Pixels are not affected 🙂 pic.twitter.com/UsOI3ZbN3L
— Zhenpeng Lin (@Markak_) July 5, 2022
Fortunately, this new zero-day vulnerability does not allow remote code execution (RCE). In other words, it requires user interaction, ie installation of malicious applications designed to exploit this vulnerability.
The security researcher has informed Google and a security patch should be available shortly. But we will probably have to wait until August.
If you like our news and you want to be the first to get notifications of the latest news, then follow us on Twitter and Facebook page and join our Telegram channel. Also, you can follow us on Google News for regular updates.