There is certainly some troubling news right now on the Android protection front : an vulnerability has been learned for Samsung's Exynos 4 - driven devices. Though the associated exploit is valuable for the mod scene in that it can be harnessed to get superuser permissions and root fairly significantly any device running on an Exynos four chip, it really is also got some rather disturbing implications. In accordance to an XDA member with the cope with "alephzain", who formulated the exploit, using this safety hole can also grant an app obtain to all actual physical memory on a provided gadget - basically, everything saved in RAM is good game. The digital listing for memory inside of the kernel, dev/exynos-mem, is wide open up, evidently for accessibility to several digicam - linked features.
androidpolice.com/wp-content/uploads/2012/12/nexusae0_exynos.jpg">
The exploit bypasses method permissions on the kernel amount, using advantage of read through / compose permissions within just the kernel. Afflicted equipment potentially contain something jogging an Exynos 4210 or 4412 processor, such as the worldwide designs of the Galaxy SII and SIII, the Galaxy Observe and Note II, Galaxy Tab seven. 7, Galaxy Be aware 10. one , and several units from Meizu, Lenovo, and scaled-down Asian suppliers. Most U.S. Samsung types equipped with LTE, including the Galaxy S III for all four major carriers, are not afflicted.
If it appears like we're making a large offer about this, that is mainly because it is a massive offer. For some motive, when Samsung's computer software department produced the kernels for these two collection of processors, they elected to go away read / write permissions open. Theoretically, any app could get root access to an influenced product with no any user - struggling with alert, or even restarting the gadget. Though some have speculated that this is to enable broader accessibility for Samsung's personal internal applications, this seems not likely, and in any case would be a bad motive for undertaking so.
Effectively - regarded XDA member "Chainfire" has introduced an APK that will root an afflicted device and patch the vulnerability. You can download acquire it on the initial XDA website page under. Root is not expected, but if your system is not rooted presently, it will be following using the app. This could void your guarantee, but it would also make your Exynos 4 - driven unit measurably more secure. According to Chainfire, Samsung has been created conscious of the issue. Android Police has also contacted Samsung's PR section. They have not issued a declaration at the time of writing.
XDA Developers - ExynosAbuse APK v1. ten (Chainfire)
XDA Developers - Root Exploit on Exynos (alephzain's documented exploit)
Thanks to Debadatta and shojus for the ideas !
0 komentar:
Posting Komentar