Android Kernel Vulnerability Affects Samsung Devices

SEMIJim

Senior Member
Aug 20, 2011
359
23
Samsung tablet owners beware (from SANS NewsBites):
--Android Kernel Vulnerability Affects Samsung Devices
(December 17, 2012)
A critical flaw in the Android kernel in Samsung smartphones could be
exploited to steal data from the devices. The vulnerability affects a
number of devices, including the Galaxy S2, S3 Note 2 and Note 10.1.
Developer warns of critical vulnerability in many Samsung smartphones | Ars Technica
Kernel vulnerability places Samsung devices at risk | ZDNet
Security flaw found in Samsung handsets, tablets | ZDNet
Suspected security hole found in many Samsung devices | Security & Privacy - CNET News
Samsung devices vulnerable to dangerous Android exploit - Computerworld
[Editor's Note (Murray): Android is simply one more example of the
preference of the market for openness, generality, flexibility, and
backward compatibility to security. Security, in the abstract, ranks
high as a requirement except for everything else.
The SANS piece mentions "smartphones," but this advisory applies to both Samsung smartphones and tablets.

From an XDA Developers thread on it at [ROOT EXPLOIT+PATCH][2012.12.18] ExynosAbuse APK v1.30:
You should be very afraid of this exploit - any app can use it to gain root without asking and without any permissions on a vulnerable device.

Jim
 

J515OP

Super Moderator
Staff member
Jan 6, 2011
5,172
899
Didn't Samsung also have the issue with an update being able to brick their devices previously? Scary stuff. Samsung get your act together!
 

SEMIJim

Senior Member
Aug 20, 2011
359
23
Didn't Samsung also have the issue with an update being able to brick their devices previously? Scary stuff. Samsung get your act together!
I don't know about that. Sounds vaguely familiar, tho. I just happened to catch this one because I've been closely-following the Samsung Galaxy Tabs/Phones Clipboard Bug/Crash Problem and, first, caught the post about it in Clipboard crashes on Android 3.0+ Samsung devices, over in the Samsung Developer's forum, then, being a subscriber to SANS NewBites, later saw it there.

Samsung's developers seem to be taking device security not at all seriously. And we're supposed to use these devices to replace credit cards, eh? I don't think so.

Jim
 

SEMIJim

Senior Member
Aug 20, 2011
359
23
Given what I've seen of Samsung's handling of the clipboard bug--or should I say non-handling of it, it would appear they learned nothing from the SuperBrick fiasco.

And here I'd been thinking Samsung was a top Android device maker. Pretty disappointing :(

Jim
 
Last edited:

Tom T

Senior Member
Feb 18, 2011
1,632
191
Samsung acknowledged the problem and promised a fix, but really didn't give a time frame.

Sent from my Galaxy Note 10.1
 

SEMIJim

Senior Member
Aug 20, 2011
359
23
Here's something amusing. Hitting the search engines to check out the coverage of this bug, I came across this little gem: Major security vulnerability in some Samsung phones could trigger factory reset via web page. And to think: Before my wife and I decided against going to "smart"phones, Samsung S2s were what we were going to go with.

Sure, anybody's software can have bugs, but some of Samsung's bugs are pretty damn nasty, and lead one to suspect their development people are kind of slipshod. But the bigger issue, in my my mind, is Samsung's nonchalant attitude about them. They appear to disregard reports as long as they can, then take their sweet time getting around to releasing fixes--when they actually do release fixes.

Jim
 

SEMIJim

Senior Member
Aug 20, 2011
359
23
Idly perusing Samsung's developer forum, to see if there was any new scuttlebutt on the root vulnerability, I spotted something about JB, so I looked...

new update android 4.1.1
and
Android 4.1.1 update for Tab2 P3100

That's some software QC, that is. Good grief
shake.gif
. Where the hell does Samsung find its developers, Microsoft's cast-offs?

Jim
 

Shortyred

Member
Mar 28, 2011
314
8
So was this ever fixed? I just bought a samsung tab 2 coming from a nook color. Maybe I should rethink keeping it????
 

SEMIJim

Senior Member
Aug 20, 2011
359
23
So was this ever fixed? I just bought a samsung tab 2 coming from a nook color. Maybe I should rethink keeping it????
The Samsung Galaxy Tab 2 is not affected by this bug. It only affects products using Samsung's Exynos processor.

You only have to worry about the clipboard crash bug--and whatever new customer abuse Samsung's mobile devices development team comes up with ;)

To answer your question: I don't know if it has yet been fixed. I've seen no announcement to that effect, so I presume not.

Jim
 

Shortyred

Member
Mar 28, 2011
314
8
Thanks for that quick response. May I ask another question? With the crazy amount of tablets out there I am extremly overloaded which tablet is best. I have been a member on the nook forum but is there a place on this forum that shows ranking of tablets best to worst? I always wonder if I just bought the turd or the gem?!!! 8) I wish there was a website that would show this. Thanks for listing to one more frustrated forum consumer!! 8)
 

J515OP

Super Moderator
Staff member
Jan 6, 2011
5,172
899
Thanks for that quick response. May I ask another question? With the crazy amount of tablets out there I am extremly overloaded which tablet is best. I have been a member on the nook forum but is there a place on this forum that shows ranking of tablets best to worst? I always wonder if I just bought the turd or the gem?!!! 8) I wish there was a website that would show this. Thanks for listing to one more frustrated forum consumer!! 8)

Well that is a very subjective question and there truly is no right answer. The large variety of tablets means that there are all kinds of features and designs brought to the tablet that are unique to a certain device. On top of that factor in things like price, customer service, community support and developer support there is really no way to come up with a clear ranking ;)

JP
 
Last edited:

Shortyred

Member
Mar 28, 2011
314
8
Was looking in your sig you have a lot of tabs!!!!!!!!!!! Wow! Whats your fav? My nook color seems so slow and old now.
 

J515OP

Super Moderator
Staff member
Jan 6, 2011
5,172
899
Was looking in your sig you have a lot of tabs!!!!!!!!!!! Wow! Whats your fav? My nook color seems so slow and old now.

Off-topic for this thread but...

At the moment my favorites are the Surface RT and Nook Tablet. A couple of things about your Nook Color. First, in your signature you note CM7.1 which isn't even the most recent stable CM, it's 7.3. Not sure if that it is just because you haven't updated your signature or your CM. Second, CM has moved on to Jelly Bean which is CM10 (CyanogenMod Downloads). While these are nightlies, not stable releases, they run very well. They won't make your NC tons faster but they will refresh it and let you have Jelly Bean goodness.
 
Top