Samsung mobile (Exynos) kernel found vulnerable to exploit

Posted by Shane McGlaun

There are a number of talented hackers and modders working around the clock to root as many Android devices as they can.

Most are dedicated to rooting and unlocking bootloaders to allow owners of Android smartphones and tablets to install software and run a cleaner, less-bloated version of Mountain View's wildly popular mobile operating system.

Recently, an XDA forum member discovered a rather significant exploit that affects certain Samsung devices powered by the company's Exynos processor.

According to "Alephzain," and claims that a method of rooting the device without flashing using Odin has been discovered. Indeed, the Samsung kernel apparently allows read and write access to all physical memory on the device, including the kernel itself.

While this makes it easy to root the devices, such as the popular Galaxy S III and Galaxy Note II, it also leaves the handsets open to attack from nefarious actors, who may be interested in deploying kernel code injections and RAM dumps from malware laden apps placed on the Google Play store.

Another XDA Forum by the name of "RyanZA" has created a patch to fix the above-mentioned flaw which modifies write permissions on affected devices - essentially blocking execution of the security flaw. But be warned - some users who have applied the fix report their camera app no longer functions.

Samsung devices that have been confirmed as vulnerable to the kernel hack include the Galaxy S II and the Meizu MX in addition to the previously mentioned devices. The exploit is believed to work on any Samsung device running the Exynos 4210 or 4412 processor.

Many people with a vulnerable device will certainly not want to risk the functionality of the camera app. The good news is yet another XDA dev member by the name of "Supercurio" has released a second fix wrapped up in an APK that requires no flashing, no rooting, and no special skills to apply. This fix can also reportedly be turned on and off manually.

This isn't the first potentially serious flaw affecting the Galaxy S III, as one recently surfaced in September that could leave Samsung's flagship handset vulnerable to a remote access hack.