A seemingly major vulnerability has been discovered by security researcher and Northwestern PhD student Zhenpeng Lin, affecting the kernel on the Pixel 6 and 6 Pro and other Android devices running Linux kernel versions based on 5.10 like the Galaxy S22 series. Precise details for how the vulnerability works have not yet been published, but the researcher claims that it can enable arbitrary read and write, privilege escalation, and disable SELinux security protections — in short, this is a biggie.


The researcher has verified to Android Police that Google was not informed of the vulnerability before its demonstration on Twitter.

None of the precise technical details behind how the exploit works have been released, but a video claiming to show the exploit used on a Pixel 6 Pro was able to achieve root and disable SELinux. With tools like that, a malicious actor could achieve a lot of damage.