Umcwaningi wezokuphepha eNyuvesi yaseNorthwestern University kanye nongumfundi we-PhD uZhenpeng Lin bathole ubungozi obukhulu obuthinta i-kernel androidamadivayisi afana nochungechunge lwe-Pixel 6 noma Galaxy S22. Imininingwane eqondile yokuthi lobu bungozi busebenza kanjani ayikakhishelwa ngenxa yezizathu zokuphepha, kodwa umcwaningi uthi ingavumela ukufunda nokubhala ngokungafanele, ukukhuphuka kwelungelo, kanye nokukhubaza ukuvikelwa kwesici sezokuphepha se-Linux se-SELinux.
Igalari yezithombe
U-Zhenpeng Lin uthumele ividiyo ku-Twitter ehlose ukukhombisa ukuthi ubungozi be-Pixel 6 Pro bukwazi kanjani ukuthola impande futhi bukhubaze i-SELinux. Ngamathuluzi anjalo, i-hacker ingenza umonakalo omkhulu kudivayisi esengozini.
I-Google Pixel 6 yakamuva idliwe nge-0day in kernel! Kuzuzwe ukufunda/ukubhala ngokungafanele ukuze kukhuliswe amalungelo futhi kukhubaze i-SELinux ngaphandle kokugeleza kokulawula ukuduna. Isiphazamisi siphinde sithinte i-Pixel 6 Pro, amanye ama-Pixel awathinteki 🙂 pic.twitter.com/UsOI3ZbN3L
- Zhenpeng Lin (@Markak_) July 5, 2022
Ngokwemininingwane eminingana eboniswe kuvidiyo, lokhu kuhlasela kungase kusebenzise uhlobo oluthile lokuhlukumeza ukufinyelela inkumbulo ukwenza umsebenzi omubi, ongase ube sengozini esanda kutholwa yepayipi Elingcolile elithintekile. Galaxy S22, Pixel 6 nabanye androidamadivaysi e-ova aqaliswe nge-Linux kernel version 5.8 on Androidu 12. U-Lin uphinde wathi ubungozi obusha buthinta wonke amafoni asebenzisa i-Linux kernel version 5.10, ehlanganisa uchungechunge lwamanje lwe-Samsung flagship olushiwo.
Ungaba nentshisekelo ku
Ngonyaka odlule, i-Google ikhokhele u-$8,7 wezigidi (cishe i-CZK 211,7 million) emiklomelweni yokuthola iziphazamisi ohlelweni lwayo, futhi okwamanje inikela ngamadola angama-250 (cishe i-CZK 6,1 million) yokuthola ubungozi ezingeni le-kernel, okusobala ukuthi kunjalo. . I-Google noma i-Samsung abakaze baphawule ngalolu daba, ngakho-ke akucaci okwamanje ukuthi ukuxhashazwa kwe-Linux kernel entsha kungase kukhishwe nini. Kodwa-ke, ngenxa yendlela iziqephu zokuphepha ze-Google ezisebenza ngayo, kungenzeka ukuthi isiqeshana esifanelekile ngeke sifike kuze kube uSepthemba. Ngakho akukho esingakwenza ngaphandle kokulinda.
