Security Hole Found in Several Samsung Smartphones

By Zak Islam
published

Developer discovered vulnerability in Exynos 4-powered devices, including the Galaxy S2 and Galaxy Note.

A security hole affecting several Samsung devices has been uncovered, which could allow apps to access user data, as well as leaving a smartphone vulnerable to malicious applications and bricking.

Discovered and explained by XDA member "alephzain," the vulnerability derives from the Exynos 4, an ARM-based system-on-chip powering a number of Samsung handsets.

The developer created an exploit which he claimed bypasses system permissions, subsequently allowing any application to obtain data from the device's RAM or inject malicious code into the kernel.

Alephzain stated that he uncovered the vulnerability upon trying to find a new method to root his Galaxy S3. The exploit itself, however, affects the Galaxy S2, Galaxy Note and Meizu MX, while Google's Nexus 10 is unaffected due to the utilization of the Exynos 5 chip.

"The good news is we can easily obtain root on these devices and the bad is there is no control over it," Alephzain said.

Contact Us for News Tips, Corrections and Feedback

19 Comments Comment from the forums
  • joytech22
    Well, I'm not affected with my Galaxy Nexus, but my Note 10.1 is vulnerable.
    In saying that though..

    101 of I.T - Stick to reputable sources and you'll be fine. :D
    Reply
  • john15v16
    Crap! My instinct told me NOT to click on this article because It was probably cut-copy-paste by the notorious anti-anything-but-apple, Zak Islam...
    Reply
  • sharksman
    leave it to Zak iSlam to jump on a story he not only did not research, but doesn't quite understand either.
    Reply
  • The-Darkening
    Title should read: "Security Hole discovered on Exynos 4 devices". This shit with Zak iTard is getting old.
    Reply
  • halcyon
    Move along...nothing to see here. Move along....
    Reply
  • house70
    It's up to the user to open up his/her system to malicious code. One has to try real hard to make Android OS vulnerable, because by default it won't allow installation of apps from third party sources, the debugging mode (that allows ADB) is not checked, and the system has to be given specific permissions to install anything, including the authorized apps.
    If the user jumps through all these hoops AND chooses to run insecure code, it's up to him/her to suffer the consequences. It's like clicking on all the porn-related pop-ups on your computer (after willingly disabling your firewall and AV) and then complaining your system is compromised. Good luck with that.
    Even so, a factory reset is all it takes for an Android system to recover, giving said moron another chance in doing it all over again or playing it safe.
    I, personally, know a thing or two about this, and when I choose to take the riskier path, I know exactly what the pitfalls are. That is the beauty of Android, it allows one to do whatever they want with their phones. The greater the freedoms, the greater the potential risks, but I prefer it that way to a nanny system that tells me what I can and I can not do.
    Reply
  • wildkitten
    otacon72Yet you chose to post a useless comment...good job. Some people scare me on here.These Zak haters are mindless fools. They claim he is some sort of pro Apple guy, yet ignore the fact he writes even negative articles about Apple, that in fact, as his job is, he simply writes what he is suppose to regardless of whether it is positive or negative. They hate Apple so much they let that hate bleed over and show themselves incapable of reasoned, rationale thought.

    If these Zak haters actually read the XDA post where this information was gotten from, they would recognize that the reason it is Samsung prevalent is because of how easy it should have been for Samsung to have noticed these things....
    The question is why permissions are set to read/write for all in kernel AND in ueventd.smdk4x12.rc:•samsung developper in charge of this would lose his job
    •some samsung apps with basic rights need to access it (I doubt it)
    •a huge mistake
    A simple patch could be to set permissions to 0660 or 0600 in ueventd.smdk4x12.rc, but I don't know how it would affect samsung applications/services.

    Honestly, you Zak haters really need to look in the mirror and ask what's so wrong with yourselves that your blind hatred and obvious bigotry for something can spill over to a person merely doing their job and why it has made you so stupid you can't even click the link to the source material from where the article was taken.
    Reply
  • InvalidError
    The exploit has absolutely nothing to do with the silicon or the ARM architecture.

    The exploit is a silly driver exposing the whole system RAM as a block device that gives full access to everyone, bypassing all other access controls. All Samsung needs to do is either restrain access rights to that driver or remove it altogether and rewrite the few bits of proprietary software that used it.

    Careless mistakes happen everywhere. This one just happened to be bigger than average.
    Reply
  • acerace
    You're one of the most wise people on here, wildkitten. I fully agree with your statement. As I stated before, Tom's is full with people that have immature minds.
    Reply
  • ivanto
    If users are in danger, people should be informed. That's what this article is about. In fact, my friend's wife bought Galaxy 2 this weekend and it needs to be taken care of.
    -IvanTO
    Reply