Android Kernel Vulnerability Affects Samsung Devices

**SEMIJim** · 12-18-2012, 05:16 PM

Samsung tablet owners beware (from SANS NewsBites):

--Android Kernel Vulnerability Affects Samsung Devices
(December 17, 2012)
A critical flaw in the Android kernel in Samsung smartphones could be
exploited to steal data from the devices. The vulnerability affects a
number of devices, including the Galaxy S2, S3 Note 2 and Note 10.1.
Developer warns of critical vulnerability in many Samsung smartphones | Ars Technica
Kernel vulnerability places Samsung devices at risk | ZDNet
Security flaw found in Samsung handsets, tablets | ZDNet
Suspected security hole found in many Samsung devices | Security & Privacy - CNET News
Samsung devices vulnerable to dangerous Android exploit - Computerworld
[Editor's Note (Murray): Android is simply one more example of the
preference of the market for openness, generality, flexibility, and
backward compatibility to security. Security, in the abstract, ranks
high as a requirement except for everything else.

The SANS piece mentions "smartphones," but this advisory applies to both Samsung smartphones and tablets.

From an XDA Developers thread on it at [ROOT EXPLOIT+PATCH][2012.12.18] ExynosAbuse APK v1.30:

You should be very afraid of this exploit - any app can use it to gain root without asking and without any permissions on a vulnerable device.

Jim

**Ads** · 12-18-2012 05:16 PM

**J515OP** · 12-18-2012, 05:30 PM

Didn't Samsung also have the issue with an update being able to brick their devices previously? Scary stuff. Samsung get your act together!

**SEMIJim** · 12-18-2012, 05:42 PM

Originally Posted by J515OP

Didn't Samsung also have the issue with an update being able to brick their devices previously? Scary stuff. Samsung get your act together!

I don't know about that. Sounds vaguely familiar, tho. I just happened to catch this one because I've been closely-following the Samsung Galaxy Tabs/Phones Clipboard Bug/Crash Problem and, first, caught the post about it in Clipboard crashes on Android 3.0+ Samsung devices, over in the Samsung Developer's forum, then, being a subscriber to SANS NewBites, later saw it there.

Samsung's developers seem to be taking device security not at all seriously. And we're supposed to use these devices to replace credit cards, eh? I don't think so.

Jim

**J515OP** · 12-18-2012, 05:47 PM

Yep, here it is ‘The “Superbrick” Nightmare’ Or How Samsung Screwed All Galaxy Note Owners and of course this Samsung Galaxy Tabs/Phones Clipboard Bug/Crash Problem.

Very, very sad. Samsung has some killer devices but they also need to pay attention

**SEMIJim** · 12-18-2012, 07:50 PM

Given what I've seen of Samsung's handling of the clipboard bug--or should I say non-handling of it, it would appear they learned nothing from the SuperBrick fiasco.

And here I'd been thinking Samsung was a top Android device maker. Pretty disappointing

Jim

**Tom T** · 12-19-2012, 03:12 PM

Samsung acknowledged the problem and promised a fix, but really didn't give a time frame.

Sent from my Galaxy Note 10.1

**SEMIJim** · 12-20-2012, 11:05 AM

Here's something amusing. Hitting the search engines to check out the coverage of this bug, I came across this little gem: Major security vulnerability in some Samsung phones could trigger factory reset via web page. And to think: Before my wife and I decided against going to "smart"phones, Samsung S2s were what we were going to go with.

Sure, anybody's software can have bugs, but some of Samsung's bugs are pretty damn nasty, and lead one to suspect their development people are kind of slipshod. But the bigger issue, in my my mind, is Samsung's nonchalant attitude about them. They appear to disregard reports as long as they can, then take their sweet time getting around to releasing fixes--when they actually do release fixes.

Jim

**SEMIJim** · 12-20-2012, 10:53 PM

Idly perusing Samsung's developer forum, to see if there was any new scuttlebutt on the root vulnerability, I spotted something about JB, so I looked...

new update android 4.1.1
and
Android 4.1.1 update for Tab2 P3100

That's some software QC, that is. Good grief

. Where the hell does Samsung find its developers, Microsoft's cast-offs?

Jim

**Shortyred** · 01-31-2013, 08:38 AM

So was this ever fixed? I just bought a samsung tab 2 coming from a nook color. Maybe I should rethink keeping it????

**SEMIJim** · 01-31-2013, 08:59 AM

Originally Posted by Shortyred

So was this ever fixed? I just bought a samsung tab 2 coming from a nook color. Maybe I should rethink keeping it????

The Samsung Galaxy Tab 2 is not affected by this bug. It only affects products using Samsung's Exynos processor.

You only have to worry about the clipboard crash bug--and whatever new customer abuse Samsung's mobile devices development team comes up with

To answer your question: I don't know if it has yet been fixed. I've seen no announcement to that effect, so I presume not.

Jim

Thread: Android Kernel Vulnerability Affects Samsung Devices

LinkBack

Thread Tools

Search Thread

Display

Android Kernel Vulnerability Affects Samsung Devices

And The Hits Just Keep On Coming: 4.1.1 on Tab 2 Breaks Screen Shot and...?

Ads:

Posting Permissions

Similar Threads

Samsung Shares List of First Galaxy Devices to get Android 4.0/ICS in Early 2012

Samsung Releases Kernel SourceCode for both Galaxy Tab 8.9 Versions

Microsoft Will Soon Begin Receiving Royalties From Samsung on Android Devices

Samsung Released Source Kernel for Galaxy Tab 10.1; Now Overclocked to 1.4GHz Stable!

Patch Against the 'DroidDream' Virus Available - Affects All Pre-Gingerbread Devices

Search tags for this page

android kernel vulnerability affects samsung devices

kernel android tablet

samsung devices vulnerable to superbrick