5

[ROOT][SECURITY] Root exploit on Exynos

view full story
linux-howto

http://forum.xda-developers.com – Hi, Recently discover a way to obtain root on S3 without ODIN flashing. The security hole is in kernel, exactly with the device /dev/exynos-mem. This device is R/W by all users and give access to all physical memory :confused: ... what's wrong with Samsung ? Its like /dev/mem but for all. Three libraries seems to use /dev/exynos-mem:/system/lib/hw/camera.smdk4x12.so /system/lib/hw/gralloc.smdk4x12.so /system/lib/libhdmi.so Many devices are concerned :Samsung Galaxy S2 Samsung Galxy Note 2 MEIZU MX potentialy all devices who embed exynos processor (4210 and 4412) which use Samsung kern (HowTos)

Tasshin's picture
Submitted by Tasshin on 12/15/2012 – Made popular on 12/15/2012

Stories similar to [ROOT][SECURITY] Root exploit on Exynos

Some bad news is surfacing this weekend for owners of several popular Samsung devices. Members of XDA Developers identified a kernel exploit for devices with certain Exynos processors that could provide root access without flashing the device. According to XDA member alephzain, the vulnerability was discovered on his Samsung Galaxy S III in /dev/exynos-mem.

In December we reported on an exploit that had been discovered in Samsung’s Exynos chips. We have not heard of any malicious activity related to the security hole, though it became a popular vector for rooting devices. After looking into the issue, Samsung has started the process of issue a fix for the vulnerability.

Samsung is apparently giving Qualcomm the boot and looking to distance themselves from the major chip manufacture to start using their own next-gen quad-core Exynos CPU on the yet to be revealed Galaxy S III.  An unnamed Samsung exec spilled the beans when hinting to the Korea Times that the new flagship device will not include Qualcomm’s CPU.

Here we are again, in the midst of Galaxy S IV rumor season, and this year’s brought about a bountiful harvest. The latest rumor in the bunch is that Samsung’s next flagship will feature a hardcore Exynos 5 Octa processor clocked at 1.8GHz, according to SamMobile. For what it’s worth, that’s eight cores.

In a joint announcement issued by AT&T and Samsung, the two shared information on some devices slated to be available “in the coming months” for AT&T’s 4G LTE network. The devices include three smartphones powered by Android and one tablet device. Headlining the list of forthcoming devices is the Samsung Galaxy Note II, the eagerly awaited for successor to the Samsung Galaxy Note.

  What exactly is the Samsung GT-N7100? I’ll tell you what we know. We know that it has a Exynos 4412 processor with Mali 400 graphics, we also know that the screen resolution is 1280 x 720 with a 16:9 aspect ratio and finally we know that the device is currently running Android 4.0.4 Ice Cream Sandwich.

http://www.androidnext.de/schwerpunk...rview-english/

Quote:

A while ago I publicly stated “keep away from Exynos devices”. Of course it shouldn’t be generalized like that. It’s totally okay to recommend a Samsung device to a regular user. All manufacturers have an equally bad update policy, so if you like a Samsung device, just buy it.

Last week I wrote about Samsung releasing code to a new DRM driver for one of their ARM SoCs, the Exynos 4210 that's used by the Samsung Galaxy S II and other mobile devices. It looks like this open-source kernel driver from Samsung stands a chance as being the first...

I want a phone with at least a 4.5" screen.

The Galaxy Note II will cost £530, which I can't afford.

So, as far as I am aware, I have three main options:Samsung Galaxy Note - £370 (16 GB) SoC Samsung Exynos 4210 CPU 1.4 GHz dual-core ARM Cortex-A9 GPU ARM Mali-400 MP RAM 1 GB Screen: 5.3" HD Super AMOLED - 1280x800 (285 ppi)Samsung Galaxy S III - £410 (16 GB) SoC Samsung E