Samsung smartphones and tablets vulnerable to kernel attack

by Hilbert Hagedoorn on: 12/18/2012 09:18 AM | source: | 8 comment(s)

ZD Net reports a wide range of Samsung smartphones and tablets with the company's Exynos 4412 and 4210 ARM-based processors are vulnerable to an attack that enables hackers to obtain root access on any of the affected devices.

XDA Developers member alephzain first brought up the vulnerability on the site's forum, claiming that access to the device's physical memory is read-and-write enabled by all users.

With the ability to read and write to memory at will, alephzain said that any application could dump the contents of the device's RAM and/or inject arbitrary code into the kernel. Such manipulations of memory could potentially allow an attacker to extract data and forward it elsewhere, or modify data to present the user with false data while the application does something else. The vulnerability itself also allows devices to be rooted.

The following devices are vulnerable to attack, but the risk seems minimal if you watch out which apps you install on your device.

Samsung Galaxy S2 GT-I9100

Samsung Galaxy S3 GT-I9300

Samsung Galaxy S3 LTE GT-I9305

Samsung Galaxy Note GT-N7000

Samsung Galaxy Note 2 GT-N7100

Verizon-based Samsung Galaxy Note 2 SCH-I605

Samsung Galaxy Tab Plus GT-P6210

Samsung Galaxy Note 10.1 GT-N8000

Samsung Galaxy Note 10.1 GT-N8010

Samsung Galaxy Note 10.1 GT-N8020.

Related Stories

Samsung 840 Pro SSD tested and reviewed - 12/12/2012 09:27 AM
In this article we test, benchmark and review the Samsung 840 Pro SSD. What a stunning piece of technology this is. An SSD that is extremely fast and actually amongst the handful of fastest storage un...

Bend it like Samsung - New Galaxy IV may have unbreakable screen - 12/07/2012 09:01 AM
Samsung Electronics, the world's leading technology company by revenue, is likely accelerating the launch of its next-generation flagship Galaxy smartphone - which may come with a breakthrough unbrea...

Samsung stress testing the Galaxy S3 - Video - 11/27/2012 09:23 AM
Doesn't your skip a beat when you accidently sit on your shiny Samsung Galaxy S3? Well the smartphone is actually designed and extensively tested to handle most of the things you throw at it. The bel...

Samsung Gives Aaway Far Cry 3 with 250 GB Samsung 840 SSD on Black Friday - 11/19/2012 03:25 PM
Samsung announced today that for a limited time over this Black Friday weekend, its new 250 gigabyte (GB) SSD 840 solid-state drives will be available at a special discounted price and will include a ...

Samsung first foldable touchscreen device ? - 10/27/2012 06:06 AM
Samsung has plans to introduce their first foldable touchscreen device begin next year. The Samsung GT-B9150 will use a 5.3” sAMOLED HD DUAL display. According to techjailbreak this new Android device by Samsung is the Samsung Galaxy Q.

Koniakki
Senior Member

Posts: 2767
Joined: 2009-09-15

#4481882 Posted on: 12/18/2012 01:36 PM

*Opens the window and throws his GNote out.

Update: 5 min later police arrests him with charge of murder attempt by throwing brick-like object to a passing pedestrian's head.

anticupidon
Senior Member

Posts: 3451
Joined: 2008-03-06

#4481911 Posted on: 12/18/2012 02:18 PM

only Samsung is vulnerable ?

k1net1cs
Senior Member

Posts: 3783
Joined: 2010-11-14

#4481932 Posted on: 12/18/2012 02:47 PM

only Samsung is vulnerable ?

Yep.

The vulnerability itself is software patchable, because the point of vulnerability isn't actually the Exynos CPU itself, but rather the custom kernel Samsung used IIRC.
One of the prominent XDA devs, Chainfire, has already made a quick fix for it.
God knows when Samsung would officially patch it, though.

Speed Weed
Senior Member

Posts: 1066
Joined: 2011-12-04

#4481955 Posted on: 12/18/2012 03:23 PM

Does it help to run an SGS3 on WiFi only?

Ven0m
Senior Member

Posts: 1764
Joined: 2005-08-12

#4481957 Posted on: 12/18/2012 03:30 PM

Does it help to run an SGS3 on WiFi only?

It's not a remote exploit - you need an installed piece of software capable of reading and writing to the hidden memory partition. So most likely you're fine and you'll be fine.

Andrés
Senior Member

Posts: 4555
Joined: 2006-03-25

#4482009 Posted on: 12/18/2012 04:43 PM

It's not a remote exploit - you need an installed piece of software capable of reading and writing to the hidden memory partition. So most likely you're fine and you'll be fine.

This. If you install apps only from the Play Store, chances are you'll never have a problem. The viruses come for those who install apps from dubious sources.

Speed Weed
Senior Member

Posts: 1066
Joined: 2011-12-04

#4482052 Posted on: 12/18/2012 05:33 PM

Many thanks, Ven0m and Andres, for those reassuring words.

PhazeDelta1
Moderator

Posts: 15618
Joined: 2010-09-12

#4482058 Posted on: 12/18/2012 05:40 PM

The exploit has been fixed. If you already rooted, read below.

Article:
http://www.xda-developers.com/android/dangerous-exynos-4-security-hole-demoed-and-plugged-by-chainfire/

Thread with patch:
http://forum.xda-developers.com/showthread.php?t=2050297

Post New Comment

Click here to post a comment for this news story on the message forum.