<https://arstechnica.com/information-technology/20...
# randomf
flat-morning-91037
03/08/2022, 11:01 AMq
quaint-elephant-2032
03/08/2022, 11:36 AMWoah, thanks for sharing.
Quoting:
"It's about as severe as it gets for a local kernel vulnerability," Brad Spengler, president of Open Source Security, wrote in an email. "Just like Dirty Cow, there's essentially no way to mitigate it, and it involves core Linux kernel functionality."
quaint-elephant-2032
03/08/2022, 11:37 AMAlso, it takes different kind of guts to pursue a "bug" for months!
After months of analysis, the researcher finally found that the customer's corrupted files were the result of a bug in the Linux kernel.
f
flat-morning-91037
03/08/2022, 11:46 AMWhat’s even worse is that Android devices typically don’t get frequent kernel updates as they’re at mercy of OEMs. 😬
c
chilly-rocket-77832
03/08/2022, 11:48 AMAndroid devices typically don’t get frequent kernel updatesLuckily this helps in this case as most phones do not run Linux kernel v5.8 yet. (apparently that's the version in which this bug was introduced)