Fatal exploit discovered in Exynos-based devices, allows direct access to memory

Samsung has landed itself with another exploit, and a major one at that. This vulnerability probably affects all users with Exynos-based devices; more specifically, it lies in the kernel, in the device file /dev/exynos-mem. According to alephzain, the user on the XDA Developers forums who discovered this exploit, it affects devices like the Samsung Galaxy S2/S3, Galaxy Note 2 etc., which use Exynos processors like the 4210 and 4412. To check whether your device is affected, open a terminal emulator and run the ls -l /dev/exynos* command. If the output contains crw-rw-rw-, your device is affected and you should take extreme caution before installing any suspicious apps from the Play Store.
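The check above can be scripted. The following is an added example, not code from alephzain or from the original article: it reads ls -l output and flags any device node whose permission string gives every user access, going slightly beyond the single file named above by also reporting nodes that are only world-readable or only world-writable. The function names and the sample listing are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the original article): flag device nodes whose
# "other" permission bits grant access to every app, from `ls -l` output.

# classify_mode MODE -> prints affected | partial | ok
# MODE is the first ls -l field, e.g. crw-rw-rw-
classify_mode() {
    mode=$1
    case $mode in
        [cb]?????????*) ;;            # character or block device node
        *) echo ok; return 0 ;;       # files, dirs, links: out of scope
    esac
    tail=${mode#???????}              # drop type char + owner/group triplets
    other=${tail%"${tail#??}"}        # other-read and other-write bits
    case $other in
        rw)    echo affected ;;       # world read + write (the article's case)
        r-|-w) echo partial ;;        # world read or world write only
        *)     echo ok ;;
    esac
}

# audit_listing: read ls -l lines on stdin, print "VERDICT NAME" for each
# flagged node; exit status 1 if any node is "affected", else 0.
audit_listing() {
    found=0
    while read -r mode rest; do
        if [ -z "$mode" ]; then continue; fi
        verdict=$(classify_mode "$mode")
        if [ "$verdict" = ok ]; then continue; fi
        echo "$verdict ${rest##* }"
        if [ "$verdict" = affected ]; then found=1; fi
    done
    return "$found"
}

# Constructed sample listing: owners, device numbers, dates and the two
# example-* names are made up; only the exynos-mem mode is from the article.
sample_listing() {
    cat <<'EOF'
crw-rw-rw- system   graphics   1,  14 2012-12-16 09:00 exynos-mem
crw-rw---- system   camera    81,   0 2012-12-16 09:00 example-cam
crw-rw-r-- root     root      10,  60 2012-12-16 09:00 example-ro
EOF
}

# Stand-alone run over the sample; on a device use: ls -l /dev/ | audit_listing
sample_listing | audit_listing || echo "world read/write device node present"
```
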

The problem occurs because Samsung wanted the camera, and maybe other unknown bundled applications, to access the memory directly. Instead of writing code to properly control access for this functionality, the Samsung developers gave everyone permission to read and write data to the file. This particular mistake invalidates almost every security function present in the Android platform. It could enable anyone to access sensitive data like passwords and even credit card information stored in physical memory. What's more, it even allows kernel code injection, so anyone with evil intentions could design an app to take advantage of this and control the device in a manner that is completely transparent even to the kernel. This could be dangerous and even fatal for the security of such devices, unless a fix is released soon.

Surprisingly, this problem went unnoticed for a long time, and the only reason it might have occurred is probably some inexperienced Samsung developer, or someone lazy enough to ignore it. Either way, it shows some serious shortcomings in the quality of the software Samsung has been producing for its devices.
