A vulnerability in the Samsung Exynos Android kernel was recently found by a developer xda-developers group. Samsung has acknowledged the vulnerability and promised a software update to fix it as soon as possible.
The vulnerability gives the program complete access to device RAM and is being used for rooting devices, but can also be used by a malicious app to take control of the device, disable (brick) it or even silently modify arbitrary memory or other applications.
Samsung is aware of the potential security issue related to the Exynos processor and plans to provide a software update to address it as quickly as possible.
The issue may arise only when a malicious application is operated on the affected devices; however, this does not affect most devices operating credible and authenticated applications.
Samsung will continue to closely monitor the situation until the software fix has been made available to all affected mobile devices.
As Samsung says, users who stick to legitimate apps from legitimate sources are unlikely to encounter this problem, but there have been many cases of malicious software being successfully submitted to the Google Play store.
Hat tip to the many Android-focused sites I linked to above and, originally, to Mikko Hypponen of F-Secure on Twitter.