CVE-2022-0847 Vulnerability in Linux Kernel Can Be Used To Root Android

A dirty pipe (CVE-2022-0847) vulnerability was discovered in the Linux Kernel earlier, which also affects Android systems, and Google is currently preparing a security update to fix this vulnerability. Some users ask me asking whether it is possible to root the phone by exploiting this vulnerability. Obviously, it can be done by exploiting the CVE-2022-0847 vulnerability.

A security researcher posted on Twitter that CVE-2022-0847 has been used to successfully gain root privileges on Google Pixel 6 Pro and Samsung Galaxy S22. Both devices have the latest Android update installed but are still affected by the vulnerability, as Google has not released an update to address this flaw. In theory, as long as it is not fixed, it is very easy to exploit the vulnerability to gain root privileges.https://twitter.com/Fire30_/status/1503422980612923404

If you exploit this vulnerability to gain root privileges, you will also get additional benefits. You can either permanently root or disable root at any time, yes you can enable root privileges on demand, which can be used to avoid some software refusing to run if it detects root privileges.  If the user wants to, they can directly perform permanent root, and they can directly modify the various contents of the Android system through the terminal or other software.

Based on the above, if a developer wants to, it should be possible to root most Android phones newly released in the last two years, including flagship devices from various OEM manufacturers. Conversely, malware developers can also exploit this vulnerability to root the device in order to perform more malicious actions.

In theory, the phone can be fully controlled by hackers after obtaining root permissions, so it is completely possible to steal data or even monitor it in real-time.