A member of mobile software development community XDA-Developers has discovered a security flaw in Samsung smartphones and tablets.
The developer, who goes by the name Alephzain, claimed that the problem is found in the kernel of Samsung's in-house built Exynos systems The kernel, /dev/exynos-mem, is where the flaw is found. Exynos is an ARM-based System-on-Chips used in many of Samsung's smartphones and tablets.
The /dev/exynos-mem is used for graphic usage like camera, graphic memory allocation, HDMI and more. The graphics data stored in the RAM is now at risk of being leaked out by any app in the smartphone.
Smartphones and tablets which have Exynos 4210 or 4412 System-on-Chips are:
- Galaxy S2 GT-I9100
- Galaxy S3 GT-I9300
- Galaxy S3 LTE GT-I9305
- Galaxy Note GT-N7000
- Galaxy Note 2 GT-N7100
- Verizon-based Galaxy Note 2 SCH-I605
- Galaxy Tab Plus GT-P6210
- Galaxy Note 10.1 GT-N8000
- Galaxy Note 10.1 GT-N8010
- Galaxy Note 10.1GT-N8020.
Although Google Nexus 10 uses the Exynos platform, it was as that the device was not affected as it uses the Exynos 5250, reported ZDNet.
Alephzain said," The good news is we can easily obtain root on these devices and the bad is there is no control over it."
"Ram dump, kernel code injection and others could be possible via app installation from Play Store. It certainly exists many ways to do that but Samsung give an easy way to exploit. This security hole is dangerous and expose phone to malicious apps. Exploitation with native C and JNI could be easily feasible," he added.
It was reported that XDA-Developers have notified the flaw to Samsung. Until the company comes up with a solution for the security glitch users must tread cautiously while using apps as well as installing new apps in to their Samsung devices.