Hole in Samsung Processor

Tuesday, December 18, 2012 @ 02:12 PM gHale

A security hole that allows for a full root exploit on Android devices based on Samsung’s Exynos 4 processor released over the weekend by a member of the xda-developers forum.

Devices that use Exynos 4210 and 4412 chips suffer from the issue, including the international versions of the Samsung Galaxy SII, SIII, Note and Note II. Several of Samsung’s Galaxy tablets such as the Galaxy Tab 7.7 and the Galaxy Note 10.1 are have the same problems, along with devices from a few other manufacturers, the researcher said. Quite a few Samsung devices sold in the U.S. use chips equipped with LTE functionality, which Exynos does not work with, and therefore remain unaffected.

Android Bank Apps Steal SMS’
Trojan Hits Open Market
Trojan Executes with Left Mouse Click
Malware Poses as Trend Micro AV

On affected devices, all users have unrestricted read and write access to the /dev/exynos-mem device. The device lists as “Kernel direct-mapped RAM region. This maps the platform’s RAM, and typically maps all platform RAM in a 1:1 relationship” and appears to access the camera, but the incorrect permissions allow any user to access all of the device’s memory.

The hole allows attackers to take complete control of an Exynos-4-based device by distributing a malicious application. The simplest patch for the hole is to change the permissions on the device from 0666 to 0600, blocking anyone but root from access to the device. Fixes have already appeared in versions of CyanogenMod to address the vulnerability.

Users should be aware of the inherent risk in installing an untrusted application, especially on phones vulnerable to this problem. Samsung has yet to issue a statement on the problem and therefore it remains up in the air on when the affected phones will receive a firmware update that resolves the problem.

Leave a Reply

You must be logged in to post a comment.