A member of the XDA developers forum named ‘alephzain’ has claimed that there is a flaw in several Samsung handset and tablets which could allow attackers to access the RAM. The Register ran the story a short while ago.
Alephzain posted the information here claiming that “The security hole is in kernel, exactly with the device /dev/exynos-mem.”
Exynos is the Samsung ARM-based system on a chip and has been used in many of their devices.
Alephzain said “The good news is we can easily obtain root on these devices and the bad is there is no control over it.
Ram dump, kernel code injection and others could be possible via app installation from Play Store. It certainly exists many ways to do that but Samsung give an easy way to exploit. This security hole is dangerous and expose phone to malicious apps.
Exploitation with native C and JNI could be easily feasible.”
Devices which are affected are said to the be Galaxy SIII, Galaxy Note, Galaxy Note 2 and Galaxy 10.1 tablets. The XDA developer forum are happy with the flaw as they can now hack the device on a low level. Apparently Samsung have been alerted to the problem.
Kitguru says: We hope Samsung can issue a fix.