2 replies to this topic

[eyecre8]

Please Login or Register to see this Hidden Content

 

Please Login or Register to see this Hidden Content

  34.64KB   33 downloads

A member of an XDA developers forum who goes by the handle 'Alephzain' claims to have found a flaw in several Samsung handsets and tablets that
could allow attackers to enjoy full access to the device's RAM.

The original post found here:

Please Login or Register to see this Hidden Content

states:

Please Login or Register to see this Hidden Content

Exynos-mem's file system permissions are wide-open. It can be read from and written to by ANY software running on the handheld, acting as a portal to the device's physical memory and allowing malicious code to do pretty much anything it wants.

Alephzain says the following about the bug:

Please Login or Register to see this Hidden Content

Another member of XDA forum, Chainfire, has thoughtfully provided an exploit for the flaw and warned:

Please Login or Register to see this Hidden Content

Devices in trouble are said to include:

• Galaxy SIII
• Galaxy Note
• Galaxy Note 2
• Galaxy 10.1 tablets.

Via:

Please Login or Register to see this Hidden Content

Chainfire's exploit code:

Please Login or Register to see this Hidden Content

[SPJESTER]

samsung should umm. Fix this? haha

[wulf]

There is an app by chainfire that can grant you root and patch the security hole to protect the phone from malicious apps. If you dont want root you can still use it to apply the fix only.

Reportedly samsung is aware of the issue. Another workaround is apply a custom kernel that addresses this but you have to unlock bootloader first.

Sent from my SCH-I605 using Tapatalk 2