Latest Updates

The Samsung Exynos kernel exploit - what you need to know


Note 2


A new kernel exploit has been found (credit to alephzain at XDA) that affects someSamsung Exynos chipsets-- which happen to power many of Samsung's more popular phones. Normally kernel exploits don't make the rounds as news, but this time the word "malware" got attached to it so it has a bit of steam behind it.
Let's start this by reminding everyone that any app or program that roots your Android phone or jailbreaks your iOS device is malware by this definition. People really need to give up on that damn click-bait, and instead worry about educating people to help keep them safer. That's what we're going to try to do, so read on and lets have a look.
Source: XDA; More: Chainfire'sExynosAbuse root exploit thread

The exploit and affected devices

The actual exploit itself only affects devices with the Exynos4210 and 4412 processor. That means the Sprint Galaxy S II, the international Galaxy S II, the international Galaxy S3, the international Galaxy Note, and the Galaxy Note 2 are all affected, as well as tablets using the Exynos 4 -- certain Galaxy Player models, Galaxy Tab 2 devices and the Galaxy Note 10.1. We also don't want to forget the Galaxy Camera. While the US versions of the Galaxy S3 are safe this time, that's still a whole lot of phones. There are also a few other phones (like the MEIZU MX) that use this SoC and may be affected.

Why is this different?

But why is what's basically a one-click root APK making the news? It's a pretty severe bug in Samsung's kernel source that let's users have access to the device RAM, and then we're free to dump it and see what's there or inject new processes of our own. The proof of concept APK that roots all the above named devices with one click (note that even the Verizon Galaxy Note 2 with a locked bootloader is easily rooted) is a perfect example. The train of thought is that an app could be built that roots your phone, then uses the new elevated permissions to send data off to somewhere else, or do any number of equally dirty things you can do with root. These apps could be distributed anywhere, and are easily installable. Always remember that a rooted phone or an unlocked bootloader means half the work for "the bad guys" is already done. This exploit makes that half easy for those same bad guys if your device is unrooted.

What should I do?

First, make sure your devices is affected, We've listed them above, but if you still have questions ask in the forums. It's important to know if your device is affected or not. There are plenty of people who will give you the answer you're looking for.
If you're one of the many who have a custom ROM to help get away from the TouchWiz, you'll need to get with your ROM developer and see if his or her kernel is affected. Your device is probably already rooted, but you still don't want to be running around with a big unpatched hole that lets an app read a dump of your device memory.
If you're using a stock device and it's affected by this, your phone won't suddenly go rogue all on its own. You'll need to be mindful of what you're downloading and installing, especially if you're downloading and installing pirate copies of apps. There is no specific app permission to look out for, as everyone is able to access the device memory. You'll have to be vigilant -- just like you always should be. It's worth noting that nobody has seen or heard of any malware using this bug, and likely never will.
Samsung, here is your chance to make us love you even more. While this is not the "sky is falling" scenario that many will make it out to be, it is a critical flaw in the kernel that needs addressed quickly and thoroughly. We have no doubts that a patch will come soon that fixes the permissions, but having the patch and getting it to your users is another matter. We've reached out to Samsung for their side of this one, we'll let you know as soon as they respond.

Via: The Samsung Exynos kernel exploit - what you need to know

0 Response to "The Samsung Exynos kernel exploit - what you need to know"

Post a Comment