Wednesday, December 19, 2012

Android is known to be vulnerability friendly but this exploit deals with a security hole in the Samsung Exynos 4 series processors. The brilliant minds at XDA have done this, again. A member of XDA Developers, who goes by the handle of alephzain, discovered this vulnerability which can effectively give complete access to physical memory. Many might not now but this has very huge repercussions for those using devices based on the effected processors, such as attackers could use malicious apps to wipe out user data, quietly access personal data or brick it.

This vulnerability was first tested by alephzain on his Samsung Galaxy SIII to root the device but according to him the vulnerability also exists on Samsung Galaxy SII, Galaxy Note, Galaxy Note II, Meizu MX and other devices which use a Samsung Exynos 4 series processor(Exynos 4210 and 4412) and use kernel sources of Samsung. Unfortunately, he released a complete working exploit with the source code before the vendors could be made aware of it leading to a very serious security issue which has no fix for now.

Although not many people have been reported to be effected by this and there isn't awareness of any app that uses this vulnerability. Also, Samsung is yet to confirm this but a senior moderator named Chainfire has created an APK file which exploits this vulnerability named as ExynosAbuse. Although the app only roots and installs the latest release of SuperSU on "any Exynos 4 based device". The post lists the following devices to be compatible:

  • Samsung Galaxy S II GT-I9100
  • Samsung Galaxy S III GT-I9300
  • Samsung Galaxy S III LTE GT-I9305
  • Samsung Galaxy Note GT-N7000
  • Samsung Galaxy Note II GT-N7100
  • Verizon Samsung Galaxy Note II SCH-I605(with locked bootloaders)
  • Samsung Galaxy Note 10.1 GT-N8000
  • Samsung Galaxy Note 10.1 GT-N8010
According to Chainfire, some Samsung engineers have been flagged to read this post and Samsung has been made aware of it. Also, Supercurio says he has confirmed "that people at Samsung were made aware of it".

Meanwhile, Supercurio has released a quick and a partial fix to the problem. The details about the fix and its application can be found by clicking here.


Post a Comment