Samsung Acknowledges Severe Android Vulnerability

A serious vulnerability in the Android kernel for their Exynos processors in many of their phones, including the Samsung Galaxy S3, has been found by the Android hacking community. It may be used by any application to root (jailbreak) or unroot the device, brick it or even silently modify arbitrary memory or other applications.

Larry Seltzer, Contributor

December 20, 2012

1 Min Read

A vulnerability in the Samsung Exynos Android kernel was recently found by a developer xda-developers group. Samsung has acknowledged the vulnerability and promised a software update to fix it as soon as possible.

Exynos is an ARM SoC (System on Chip) used in many of their devices, including the Galaxy S3, the Galaxy Note 2, and a few non-Samsung products such as the Lenovo LePhone.

The vulnerability gives the program complete access to device RAM and is being used for rooting devices, but can also be used by a malicious app to take control of the device, disable (brick) it or even silently modify arbitrary memory or other applications.

Samsung issued a statement about the flaw to Android Central:

Samsung is aware of the potential security issue related to the Exynos processor and plans to provide a software update to address it as quickly as possible.

The issue may arise only when a malicious application is operated on the affected devices; however, this does not affect most devices operating credible and authenticated applications.

Samsung will continue to closely monitor the situation until the software fix has been made available to all affected mobile devices.

As Samsung says, users who stick to legitimate apps from legitimate sources are unlikely to encounter this problem, but there have been many cases of malicious software being successfully submitted to the Google Play store.

Hat tip to the many Android-focused sites I linked to above and, originally, to Mikko Hypponen of F-Secure on Twitter.

About the Author(s)

Larry Seltzer

Larry Seltzer

Contributor

Follow Larry Seltzer and BYTE on Twitter, Facebook, LinkedIn, and Google+:

See more from Larry Seltzer
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
SIGN-UP

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

cybercrime abstract with two locks
Cyber Resilience
10 Cyber Incident Response Tips From Those Who've Had a Breach and Lived to Tell About It10 Cyber Incident Response Tips
bySara Peters
May 8, 2024
6 Min Read
DNA (deoxyribonucleic acid) strand, illustration.
Data Management
DNA is an Ancient Form of Data Storage. Is it Also a Radical New Alternative?DNA is an Ancient Form of Data Storage. Is it Also a Radical New Alternative?
byRichard Pallardy
May 7, 2024
15 Min Read
Paul Nakasone, former director of the National Security Agency, and a former commander of US Cyber Command, speaks at the RSA Conference 2024.
Cyber Resilience
Four Horsemen of Cyber Reunite at the RSA ConferenceFour Horsemen of Cyber Reunite at the RSA Conference
byJoao-Pierre S. Ruth
May 9, 2024
6 Min Read
Technologist and author Bruce Schneier addresses the crowd at RSA Conference 2024 about the future impacts of AI on democracy.
Machine Learning & AI
Bruce Schneier: 5 Ways AI Could Shake Up DemocracyBruce Schneier: 5 Ways AI Could Shake Up Democracy
byShane Snider
May 8, 2024
6 Min Read
Business innovative solution and creative concept as a paper boat tied to a light bulb
IT Leadership
9 Ways to Ensure Continuous Innovation9 Ways to Ensure Continuous Innovation
byLisa Morgan
Apr 2, 2024
9 Slides
Webinars
More Webinars
White Papers
More White Papers
Live Events
More Live Events
Reports
More Reports
May 2, 2024
While there are plentiful options in cyber resiliency and business continuity tools and platforms, there isn’t one that can knock out everything from sudden cloud outages to prolonged ransomware attacks in a single punch. What can you do to keep the company on its feet no matter what is thrown at it? Find out in this new virtual event.
Reserve Your Seat Now