Security flaw found in Samsung handsets, tablets

Summary: An Android exploit could result in remote attackers gaining root-level permissions on Samsung products.

A suspected fault in Samsung's implementation of the Android kernel could result in malicious apps gaining control over user devices.

The flaw was brought to light by user "alephzain" on the mobile developer forum XDA Developers, who claims that it potentially affects Samsung devices that use Exynos processor models 4210 and 4412. Specific examples include the Samsung Galaxy S2 and Samsung Galaxy Note 2, which use the dual core, fourth-generation Exynos chips.

Exynos is Samsung's ARM-based system on a chip. The newest version of the chip, the Exynos 5 -- or 5250 -- is clocked at speeds of 1.7GHz and encompasses the latest ARM Cortex-A15 architecture, as well as an ARM Mali T604 quad-core graphics processing unit (GPU). The latest version of Exynos has also recently been used in the latest-generation Samsung Chromebook.

Stating that "The security hole is in kernel, exactly with the device /dev/exynos-mem," and calling the security flaw "a huge mistake," alephzain goes on to describe their findings:

"The good news is we can easily obtain root on these devices and the bad is there is no control over it.

Ram dump, kernel code injection and others could be possible via app installation from Play Store. It certainly exists many ways to do that but Samsung give an easy way to exploit. This security hole is dangerous and expose phone to malicious apps.

Exploitation with native C and JNI could be easily feasible."

Soon after, another forum member, Chainfire, thoughtfully provided a download to an Android application package -- the familiar .apk that we see when downloading a new app to our mobile devices -- which exploits the vulnerability.

"You should be very afraid of this exploit -- any app can use it to gain root without asking and without any permissions on a vulnerable device," the forum user wrote. "Let's hope for some fixes ASAP."

According to Chainfire, affected devices include the Samsung Galaxy S2, Samsung Galaxy Note 2, Samsung Galaxy Note 10.1 and Samsung Galaxy Tab Plus.

The community says that it has informed Samsung of the flaw, and so we can hope a fix will soon be issued if the claims ring true. With so many apps floating around the Internet, the Android operating system has become an increasing target for hackers, who can slip malicious code into seemingly innocent applications which end up stealing data or taking control of your device.

As malicious apps begin to send unauthorized premium-rate SMS messages and steal user bank data, keeping our devices secure is now just as important as being careful when we surf the web on our desktops.

Topics: Security, Hardware, Samsung

Talkback

25 comments
  • We Know already

    Michael Lee covered it hours ago:

    http://www.zdnet.com/kernel-vulnerability-places-samsung-devices-at-risk-7000008862/
    Alan Smithie
  • A "suspected" fault "could" lead to...

    ...as in saying that "having" an open apartment door "could" lead to a burglary.
    Nice informative piece.
    acosta@...
  • No compromise on security

    samsung is in race with apple .. let see who win :P
    pickywebdesign
    • It's already known who wins

      Certainly, not Samsung.

      Copying designs and devices is one thing, copying software, development and support is something entirely different. Samsung are not the first copycats to end up with situation like this.
      danbi
      • Lottery numbers

        Or can you only predict apple as ruler of the universe?
        Start with the doctors surgeries and the rest is history eh danbi.
        Little Old Man
        • 8 - 13 - 22 - 24 - 43 - Mega is 19

          And BTW... Apple will only be the ruler of the tech universe and Roid is as secure as a plastic bicycle lock.
          i8thecat4
      • You're certainly right.

        Apple copied Unix, calling it their own, and it still has more malware than Unix/Linux!
        Mediarocker
  • Note that Chainfire's app can fix the exploit too

    If you follow the link and install Chainfire's app, it can root your device and fix the exploit.

    Worry about rooting? Don't, it includes a UAC like system where you can deny all apps root access if/when they request it. The other apps can't get root easily if you fix the exploit and don't give them the permission.
    Natanael_L
    • Short memory

      I still do remember the early PC days, where some people were claiming they could fix hardware errors with software and even some other people claiming they could swap add-on cards in an Apple ][ fast enough, so the "slow" computer can't manage to produce the electrical damage. :)

      There will always be pathetic and uneducated people. Ignorance is bliss, they say. Who knows, it might be better to be ignorant :)
      danbi
      • Are you an idiot?

        A kernel level exploit is software not hardware.
        techadmin.cc@...
        • I can answer that

          Yes he is.

          Maybe he has a point, no one can produce software fixes. Oh it's a software fix is it. You do know the difference danbi? How's bliss working out for you danbi?
          Little Old Man
    • RE: Note that Chainfire's app can fix the exploit too

      @Natanael_L, following the link to XDA Developers that Ms. Osborne provided towards the end of the article:

      1. It's a workaround, NOT a fix
      2. It's unknown whether the workaround will be effective for Samsung's Android 2.x-based devices (Android 2.x currently has the largest market share amongst the Android versions)
      Rabid Howler Monkey
  • How about S3?

    Is the Galaxy S3 affected also? The story only mentioned S2.
    jallan32
    • I was wondering

      as the original reports quoted certain S3's as being vulnerable.

      Just in case, I haven't turned my S3 on since I heard about the problem. The way it's reported it's going to affect YOU and I don't want to take any chances.
      Little Old Man
      • Don't download applications that are unknown....

        And you shouldn't have any issues. It shouldn't keep you from using your phone as long as you refrain from downloading apps.
        linux for me
        • Unless we are talking about a Roid OS bug/hole.

          And then you can just shove your head in the sand, like "Linux for me" recommends... Or... You can dump roid for a better phone.

          Which phone is better than a Roid phone you ask? That's easy, any phone that is not a Roid is better and far more secure.. So choose your favorite flavor, Windows, Crack Berry, or iOS.
          i8thecat4
          • Idk, I've never had any malware..

            I use an android phone every day. All day. Hours on end.

            I have yet to have a single problem with malware...

            Maybe it's because I'm not a tool.
            Mediarocker
      • Which just goes to show that you are hardly the one to be calling people

        idiots.

        If you knew anything about how Android works, you wouldn't have even posted this nonsense.
        .DeusExMachina.
  • I run a Samsung Tablet

    I was a little worried at first but then I realized it was for Android devices. I love my Ativ, Clovertrail and Windows 8.
    Rob.sharp
    • You just wait

      there will be malware for windows too :)
      Little Old Man