Find news and information about the latest advances in technology, news and multimedia on the Internet, telecommunications, wireless devices & applications, electronics, smartphones, tablets, ultrabooks, computers, e-mail and the Web.


Developer finds vulnerability in Exynos 4-powered devices, including the Galaxy S2 and Galaxy Note, that bypasses system permissions, letting data be extracted from RAM or malicious code be injected.

Samsung's Galaxy Note 2.Samsung’s Galaxy Note 2.

(Credit: Josh Miller/CNET)

A suspected security hole affecting a handful of Samsung smartphones could give apps access to user data and leave the handset vulnerable to malicious apps and bricking, according to a developer.

The vulnerability, which was discovered and detailed by an XDA member with the handle “alephzain,” lies in Exynos 4, the ARM-based system-on-chip typically found in Samsung smartphones and tablets. Alephzain developed an exploit he said bypasses the system permissions, allowing any app to extract data from the device’s RAM or inject malicious code into the kernel.

Alephzain said that he stumbled upon the vulnerability while trying to find a new way to root his Galaxy S3, but that the exploit affects the Galaxy S2, Galaxy Note, and Meizu MX as well. However, the Nexus 10 is unaffected as it uses the Exynos 5 chip.

“The good news is we can easily obtain root on these devices and the bad is there is no control over it,” alephzain writes.

This article has previously been published at: http://news.cnet.com
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Tag Cloud

%d bloggers like this: