A member of the XDA Developers has details about a vulnerability published that allows apps, with elevated privileges to the main memory of Android smartphones from Samsung access.Affected are devices with Samsung’s ARM -based system-on-a-chip Exynos. According to the forum member Alephzain an application can gain read and write access to the memory and even inject malicious code into the Android kernel.
An attacker could so read transfer the entire contents of RAM, or change existing data in the background, it says in the XDA Developers forum. Also, a malicious app could gain root privileges. Discovered the vulnerability was loud Alephzain in trying to find a new root account for the Galaxy S3. “The good news is that we are on these devices can easily get a root access.The bad news is that there is “no control over Alephzain writes.
Other users of the XDA-Developers Forum have been independently confirmed by Alephzain the vulnerability. A member named Chainfire has been published, an application that could exploit the vulnerability. To run on Samsung smartphones that use the Exynos SoCs 4210 and the 4412th These include models of Galaxy S2, S3, S3 LTE, Galaxy Note and Note 2, rating 10.1 and Galaxy Tab Plus. Combine that with Google developed Galaxy Nexus 10 was not affected because it will powered by a Exynos 5250th
The forum will also discuss how the vulnerability was published. Among other things, the provision of sample code is enough, without Samsung had the opportunity to develop a patch. A member called Super Curio created then one fix that will protect against the misuse of the gap. Samsung has not yet commented on the security breach.