Developers Release Exploit for Samsung Galaxy Android Vulnerability

Samsung Galaxy devices have a security flaw highlighted by new exploit code

Developers have released an exploit for a security bug in Samsung mobile chips that could allow attackers to access data held on Samsung Galaxy smartphones or tablets, and install malicious code.

The vulnerability affects the ARM-based Exynos System-on-a-chip (SoC) processor that powers most Samsung devices, specifically involving the 4210 and 4412 chip models, according to a developer on the XDA Developers forum using the handle “alephzain”.

Samsung Galaxy devices affected

The affected chip is used in various models of the Galaxy S2, Galaxy S3, Galaxy Note and Galaxy Tab, according to alephzain. The Google Nexus 10, manufactured by Samsung, is not affected as it is built around the Exynos 5250.

The problem lies with the way the Android Linux kernel is implemented on the chip, according to alephzain, who called its implications “frightening”.

“This device is [readable and writable] by all users and gives access to all physical memory,” alephzain wrote on XDA Developers.

“The good news is we can easily obtain root on these devices and the bad is there is no control over it,” alephzain continued. “Ram dump, kernel code injection and others could be possible via app installation from Play Store. This security hole is dangerous and could expose phones to malicious apps. Exploitation with native C and JNI could be easily feasible.”

Over the weekend another user, using the handle “chainfire”, posted an Android application package (APK) exploiting the vulnerability. Chainfire wrote that any application can use the exploit to gain administrator (root) privileges without user interaction.
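The flaw described above comes down to a device node that every user can read and write. The following audit sketch is an added example, not code from the XDA thread or from Samsung: it lists character and block device nodes under `/dev` that are world-readable and world-writable. The allowlist of nodes that are open by design is an assumption, and each finding should be reviewed against a known-good baseline for the device.

```python
import os
import stat

# Nodes that are world read/write by design on Linux and Android
# (assumed allowlist; extend it from a known-good baseline).
EXPECTED_OPEN = {"null", "zero", "full", "random", "urandom", "tty", "ptmx"}
WORLD_RW = stat.S_IROTH | stat.S_IWOTH


def is_exposed_device(name, mode, allow=EXPECTED_OPEN):
    """True if mode is a char/block device that 'other' can both read and write."""
    if not (stat.S_ISCHR(mode) or stat.S_ISBLK(mode)):
        return False
    if mode & WORLD_RW != WORLD_RW:
        return False
    return name not in allow


def audit_dev(root="/dev"):
    """Walk root without following symlinks; return sorted (path, perms) findings."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        for name in filenames:  # device nodes are reported as non-directories
            path = os.path.join(dirpath, name)
            try:
                mode = os.lstat(path).st_mode
            except OSError:
                continue  # node vanished or cannot be stat'ed
            if is_exposed_device(name, mode):
                findings.append((path, oct(stat.S_IMODE(mode))))
    return sorted(findings)


if __name__ == "__main__":
    for path, perms in audit_dev():
        print(f"world-rw device node: {path} ({perms})")
```
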

Security concerns

User “supercurio” said Samsung had been notified, but the company did not immediately respond to a request for comment. Developers on the forum posted a low-level kernel fix aimed at other developers.

Android has come under increasing security scrutiny of late, with security vendor Bit9 last month identifying more than 100,000 applications on the Google Play application marketplace as “questionable” or “suspicious”. The company said its findings underscore the sometimes overlooked risks posed by permission-hungry applications.

In its examination of more than 400,000 Android apps, Bit9 found 72 percent use at least one high-risk permission. In addition, 42 percent of the apps access GPS location data, including wallpapers, games and utilities; 31 percent access phone calls or phone numbers; 26 percent access personal data, such as contacts and email; and 9 percent use permissions that can cost the user money.

“Our research shows that 26 percent of apps in Google Play have access to personal information such as contacts and email, and in our survey, 96 percent of employers, who permit personal devices to access their networks, allow employees to connect to company email and contacts,” the company said in its report.
