A new exploit for smartphones and tablets using Samsung’s Exynos chipset has been found by a developer at XDA. Alephzain at XDA Developers found the exploit, which gives developers, and potentially malware writers, access to RAM in devices powered by Samsung Exynos 4412 or 4210 processors. The access means that user data is easily accessible to developers for white hat purposes but also that it would be easy to brick or wipe the device – any app can gain root access without permissions on one of the affected devices.
Alephzain describes the security flaw as a “huge mistake” by Samsung and he says “the security hole is in kernel, exactly with the device /dev/exynos-mem”. He goes on to discuss the implications of the flaw: “The good news is we can easily obtain root on these devices and the bad is there is no control over it. RAM dump, kernel code injection and others could be possible via app installation from Play Store. It certainly exists many ways to do that but Samsung give an easy way to exploit. This security hole is dangerous and expose phone to malicious apps. Exploitation with native C and JNI could be easily feasible.”
The XDA community has informed Samsung about the flaw so hopefully a fix from the company will be forthcoming shortly. For now Android Central recommends that being “mindful of what you're downloading and installing, especially if you're downloading and installing pirate copies of apps” is a very good idea. However the Android-centric blog adds reassuringly that “It's worth noting that nobody has seen or heard of any malware using this bug, and likely never will.”
Android Central lists the devices powered by the Exynos 4210 and 4412 processor as:
- Galaxy S II
- Galaxy S III
- Galaxy Note
- Galaxy Note II
- certain Galaxy Player models
- Galaxy Tab 2 devices
- Galaxy Note 10.1
- Galaxy Camera
Also FYI, here is the XDA thread about the exploit and about an APK that uses it to gain root on the above devices.