Samsung Android User please takecare

Please stop download APK from any non trusted web/source and Takecare if you’re using :

Compatibility:
(If your device isn’t listed it could still be both compatible with the exploit as well as this fix !)

Samsung Galaxy S2 GT-I9100

Samsung Galaxy S3 GT-I9300
Samsung Galaxy S3 LTE GT-I9305

Samsung Galaxy Note GT-N7000

Samsung Galaxy Note 2 GT-N7100
Samsung Galaxy Note 2 LTE GT-N7105
AT&T Galaxy Note 2 SGH-I317
Verizon Galaxy Note 2 SCH-I605 both locked and unlocked bootloaders work

Samsung Galaxy Camera EK-GC100

Samsung Galaxy Tab Plus GT-P6210

Samsung Galaxy Note 10.1 GT-N8000, GT-N8010, GT-N8013, GT-N8020

Google Nexus 10 not compatible, Exynos5

They can use this bug to Flash your unit without any notice. So, only download in Google Play until a fix’s out

Details :

This bug can obtain root on S3 without ODIN flashing.
The security hole is in kernel, exactly with the device /dev/exynos-mem.
This device is R/W by all users and give access to all physical memory

The good news is we can easily obtain root on these devices and the bad is there is no control over it.
Ram dump, kernel code injection and others could be possible via app installation from Play Store. It certainly exists many ways
to do that but Samsung give an easy way to exploit. This security hole is dangerous and expose phone to malicious apps.
Exploitation with native C and JNI could be easily feasible.

Quick Fix :

Fix for Rooted Users : http://forum.xda-developers.com/showthread.php?t=2050297

Fix for Non-Rooted Users : http://project-voodoo.org/articles/instant-fix-app-for-exynos-mem-abuse-vulnerability-no-root-required-reversible

*** Removing either read or write permissions will kill the camera (Front?). Disable in app, you may use it again.

Facebook comments:

comments

Leave a Reply

Your email address will not be published.

Connect with Facebook