
Major Exploit found in Samsung Galaxy devices, Root possible without Flashing

Research into the Samsung Exynos kernel by a member of XDA Developers has brought something alarming to light. According to alephzain, a user on the XDA Developers forum, there is a serious loophole in the kernel, which has been ported to multiple Galaxy devices.

The discovered loophole could give installed apps easy access to physical memory. Malicious apps could exploit this to gain root access to the device, wipe or steal sensitive data, install malicious code, and potentially brick the phone.

While alephzain has tested the security loophole only on the Samsung Galaxy S III, he believes that devices like the Samsung Galaxy S2, Samsung Galaxy Note 2, MEIZU MX, and all other phones that embed an Exynos processor (4210 and 4412) and ship with the default Samsung kernel are under threat.

Another senior moderator at the XDA Developers forum has developed an APK file called Chainfire, which uses this security exploit to gain root access on Exynos 4 based devices and then installs the SuperSU app on them.

So far, the app has been found to be compatible with international versions of the following devices: Samsung Galaxy Note GT-N7000, Samsung Galaxy S3 LTE GT-I9305, Samsung Galaxy S2 GT-I9100, Verizon Galaxy Note 2 SCH-I605 (with locked bootloaders), Samsung Galaxy Note 2 GT-N7100, Samsung Galaxy Note 10.1 GT-N8000, and the Samsung Galaxy Note 10.1 GT-N8010. It is worth noting that only Exynos 4 devices are affected by the security flaw. Devices like the Nexus 10, which run on Exynos 5 chipsets, are not affected.

While the moderator has flagged this thread for Samsung engineers to read, we have yet to hear an official word from Samsung regarding the security loophole. If you own any of the aforementioned Galaxy devices, be careful. Do not download apps from untrusted sources. According to alephzain, RAM dumps, kernel code injection, and other such malicious operations are possible even if you download an app from the Play Store. Hence, make sure you review any app you are downloading before you actually install it on your phone.

Hopefully, Samsung will release a fix for this through OTA updates, as we believe this is a huge security glitch. We will keep you updated as soon as we hear from Samsung.

[Source: XDA Developers]