Vulnerability on Samsung smartphones and tablets allows root access

// December 17th, 2012 // Hacking and Security

Samsung logoXDA Developers member alephzain, has published a vulnerability that exists many Samsung devices that use the Exynos ARM-based system on chip.  He noted on the forums:

Recently discover a way to obtain root on S3 without ODIN flashing.  The security hole is in kernel, exactly with the device /dev/exynos-mem.  This device is R/W by all users and give access to all physical memory. What’s wrong with Samsung?

The vulnerability allows read/write access to RAM which of course means arbitrary code can be injected into the kernel.  Shortly after the vulnerability was announced on the XDA forums, another member published code that used the vulnerability to gain root access on the devices.

The devices that use the Exynos 4210 or 4412 system on chip are vulnerable and include:

  • Samsung Galaxy S2 GT-I9100
  • Samsung Galaxy S3 GT-I9300
  • Samsung Galaxy S3 LTE GT-I9305
  • Samsung Galaxy Note GT-N7000
  • Samsung Galaxy Note 2 GT-N7100
  • Verizon-based Samsung Galaxy Note 2 SCH-I605
  • Samsung Galaxy Tab Plus GT-P6210
  • Samsung Galaxy Note 10.1 GT-N8000
  • Samsung Galaxy Note 10.1 GT-N8010
  • Samsung Galaxy Note 10.1 GT-N8020.

Although the Google Nexus 10 uses the Exynos platform, it has been confirmed as not being affected, as it uses the Exynos 5250 chipset.





« « Previous Article: Anonymous vs. Westboro Baptist Church heats up after church threatens to protest at Sandy Hook school     » » Next Article: Chinese orbiter completes close flyby of asteroid 4179 Toutatis


Leave a Reply

You must be logged in to post a comment.

%d bloggers like this: