A researcher from Northwestern University has just discovered a new security flaw on Android. The security flaw mainly concerns version 5.10 of the Linux kernel.
In recent times, the security of the Android operating system has become a high priority for Google. Several security patches and in particular Google Play Protect thus protect users from malicious applications from the Play store. These have thus considerably increased the security of our smartphones and devices, but zero risk unfortunately does not exist for Google. Zero-day flaws, for example, are one of the biggest current threats and the tech giant has already detected 58 of them in 2021 alone.
More recently, a new security flaw of this type affecting the Android operating system has just been discovered. This was discovered by Zhenpeng Lin, a security researcher and doctoral student at Northwestern University. The man in question has demonstrated the vulnerability caused by this flaw on his Pixel 6. And potential victims can include many latest generation Android smartphones, since the flaw mainly concerns the Linux kernel, and specifically version 5.10.
A security breach can affect your Samsung Galaxy S22 or your Pixel 6
Without going into overly technical terms and details, the flaw allows a cybercriminal to obtain authorization to disable SELinux, the Linux kernel’s security module. To put it simply, a cybercriminal capable of exploiting this flaw could have full access to the operating system, with the possibility of stealing personal data and causing several damages. As pointed out by Zhenpeng Lin, the flaw affects all smartphones that run Linux kernel version 5.10, and specifically Samsung’s Galaxy S22 series and Google’s Pixel 6 series.
The security researcher has yet to announce the details of the security flaw, and he says users can rest easy while they wait for Google to release an update to fix the problem.
Google is indeed aware of the situation, and the flaw will be corrected quickly. Probably in September, when Google announces new security patches. In the meantime, it is advisable not to install applications from untrusted sources, this is to minimize the risks.
