Some of the developers over at XDA forums have discovered a very serious security exploit in all Samsung devices powered by the Exynos 4xxx SoC. The exploit can allow a malicious app to easily root gain access to the RAM/physical memory of your device. This can lead to some serious implications including an app stealing all your data, or put your device in an endless reboot.
The list of affected devices include all Samsung devices powered by the Exynos 4 SoC including the Galaxy S2, Galaxy S3, international Galaxy Note, Galaxy Note 2, the Galaxy Tab 7.7 and the Galaxy Note 10.1.
Many of the developers in the Android community have already informed Samsung about the exploit, and the company should hopefully come out with a fix soon.
The plus side of this exploit is that it also allows advanced users to gain root access to their Samsung device without using ODIN. Chainfire, a very renowned Android developer, has already released an APK – ExynosAbsue – that allows owners of affected devices to easily gain root access on their handset.
Supercurio, another popular Android developer, has released an APK that fixes this vulnerability. However, fixing the vulnerability might break the front camera on your device which might be a deal breaker for many.
Via – XDA
Recently, Samsung has received a lot of criticism from the Android modding community and developers for the relatively closed source nature of its Exynos platform. The Exynos platform powers all the high-end products from Samsung including the Galaxy S3 and the Note 2, and the closed source nature of the platform hinders development for these devices.
After a lot of complaints and negative feedback, Samsung promised that it is looking into the situation of open-sourcing its Exynos platform.
Today, the company announced via its Twitter account that it will be open-sourcing the “integrated source code” of its Exynos 4 family of processors by the end of 2012. The company will also setup a git server which will be available to the public by November 2012.
Don’t jump to any conclusions and start praising Samsung here. The company will only be open-sourcing the source code for its OrigenBoard development board. The problem is that CyanogenMod developers still need the source code for other parts of the phone such as the Yamaha audio chip on the Galaxy S2, the Camera on the S3 and more to get a stable AOSP ROM on the S3 and the S2.
Until and unless Samsung open-sources or release AOSP compatible binaries for other closed source parts used on its handsets, getting a stable AOSP ROM on Exynos powered Samsung devices is going to be quite a challenge for developers.