There’s some disturbing news today on the Android security front: an vulnerability has been discovered for Samsung’s Exynos 4-powered devices. While the related exploit is useful for the mod scene in that it can be harnessed to gain superuser permissions and root pretty much any device running on an Exynos 4 chip, it’s also got some rather disturbing implications. According to an XDA member with the handle “alephzain”, who developed the exploit, using this security hole can also grant an app access to all physical memory on a given device – basically, anything stored in RAM is fair game. The virtual directory for memory within the kernel, dev/exynos-mem, is wide open, apparently for access to various camera-related functions.
A security issue has been identified on Android devices running Samsung’s Exynos processors, which includes phones such as the Galaxy S II, Galaxy S III, Note and the Note II (international models).
The issue was identified by an xda-developers member ‘Alephzain’ and if exploited, lets any application complete access to the RAM and the kernel.