Given that this has just been released and that all of these flip phones run old kernels, https://dirtypipe.cm4all.com/ should be able to be used to achieve temp root on the LG Classic, LG Exalt, and all the other flip phone models.
We will probably see a root exploit soon.
lgexalter1 That looks like a desktop linux based exploit, we are going to need an android specific one for the flip phones due to the added security measures that android has
lgexalter1 Any update? This would be huge for me if I could permanently remove the browser from the LG Classic
https://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker can someone run this script on a device ? prob something like
adb shell push dpipe.sh /sdcard
adb shell /sdcard/dpipe
also - this exploit can run on android see for example this repo for pixel https://github.com/polygraphene/DirtyPipe-Android
kernel versions begginning with the number 5 are among those at risk. the bug was introduced with Linux kernel version 5.8 - so can ppl please post here their device name and kernel version (settings > about phone > Software Information > kernel version) so we know which devices are vulnerable?
Edit according to this blogpost, the dirty pipe vulnerability only exists in android from Android 12 (API 31/Snow Cone) and Higher. I assume that means to the exclusion of flip phones which (to my knowledge) all run considerably lower. nevertheless, it may be worthwhile to check kernel versions and maybe run the above script just to be sure...
thanks @lgexalter1 - yeah, checked kernel version on exalt - its 3.10.49 and LG Classic Flip, LG Wine 2 LTE, and Kyocera E4610 are 3.18.71. all well below the vulnerable versions starting at 5.8.xx so i think we can successfully conclude that Dirty Pipe is not going to happen on a flip phone.
sh7411usa lgexalter1 thanks for updating. Much appreciated.
אין שמחה כהתרת הספיקות