Kernel bug exposes Android to potential malware – Linux Dirty Pipe

Robert Haba
Robert Haba
2 min read
malware
Trust this source on Google
Add trusted source

If Android were a car engine, and you popped the hood and poked around a bit, you’d find the label “Linux” etched on the engine block. The open-source operating system provides the starting point that Android’s built on top of, but sharing code also means sharing vulnerabilities. Now a newly discovered Linux kernel bug is raising concerns for the security of Android devices, as it leaves a door open for malware intrusion.

The glitch in question has been dubbed “Dirty Pipe” by software engineer Max Kellerman, who provides a detailed writeup about the bug’s discovery. He first spotted some mysteriously corrupted log files last year, and his analysis of the problem revealed a kernel-level flaw that’s existed since 2020. The vulnerability lets software overwrite the system page cache, even for files where apps shouldn’t otherwise have permission. He determined that in the wrong hands the issue had potential for exploitation and alerted the team behind Linux kernel security. Properly coded malware could use this method to obtain full control of a vulnerable system by overwriting files as vital as the system’s root password.

Kellerman was also able to reproduce the bug on a Pixel 6, and reached out to let Google know. The company similarly prepared a fix, and merged it into the Android kernel. Right now, it’s just a matter of OEMs needing to incorporate that fixed kernel in future device updates.

For what it’s worth, Google confirmed to Android Police that Dirty Pipe did not play a role in delaying the release of Android 12L for the Pixel 6. Linux users, meanwhile, need to install their distro’s most recent security updates ASAP.

Google Pixel 9

Google Pixel 9

5.0 / 5.0
Est. Price
$544.99$799.0032% OFF
Buy
👑A good choice
Apple iPhone 17 Pro

Apple iPhone 17 Pro

4.8 / 5.0
Est. Price
$1,012.97$1,099.008% OFF
Buy
Samsung Galaxy Watch 8

Samsung Galaxy Watch 8

4.9 / 5.0
Est. Price
$289.99$349.9917% OFF
Buy
Budget
Nothing Phone (4a) Pro

Nothing Phone (4a) Pro

4.5 / 5.0
Est. Price
$494.99$599.0017% OFF
Buy
DEAL!
Samsung Galaxy Watch Ultra (2025)

Samsung Galaxy Watch Ultra (2025)

5.0 / 5.0
Est. Price
$449.99$649.9931% OFF
Buy
* As an Amazon Associate, Droid Tools earns from qualifying purchases. Learn more in our Affiliate Disclosure.
Founder · Editor-in-Chief
Robert Haba is the founder and editor-in-chief of Droid Tools. A lifelong gadget enthusiast with over a decade following the Android ecosystem, he built this publication to cut through the noise and give readers honest, real-world coverage of the tech they actually use.

Comments & Discussions

Join the conversation! We use Disqus to handle comments. Click the button below to load the comment section.

Keep Reading

Early Geekbench results for the Snapdragon 6 Gen 5 show almost no CPU improvement over the Snapdragon 6 Gen 4, with the older chip actually edging it out in single-core performance. GPU gains look more promising, sitting around 20%, but raw processing power appears to be largely unchanged. Typically, when a company like Qualcomm releases […]

Snapdragon 6 Gen 5
NewsRobert HabaJuly 3, 2026

New software launches rarely go off without a hitch, and Android 17 is proving no different. Shortly after the update rolled out, Pixel owners began reporting connectivity problems — specifically, losing access to 5G entirely after installing the update. Reports surfaced on the Google Pixel subreddit, with multiple users across different device generations describing the […]

android 17 update
NewsRobert HabaJune 23, 2026