Recently, a major vulnerability was discovered in Exynos 4 SoC mainly in Exynos 4210 and Exynos 4412 processors. The security flaw was in the kernel which made the device R/W by all users, apps and gives access to full Physical Memory. In short, this vulnerability gave root permissions to *any* app and there was no control over it.
Just today Samsung issued a statement to Android Central acknowledging the security exploit and promising a software update to fix the security hole ‘as quickly as possible'. Samsung confirms that they were aware of the nature of this security exploit and a specially-coded malicious app is required to take advantage of it. So, the users who install known applications or install applications by trusted developers are probably on the safe side.
Affected Exynos 4210 devices:
– Samsung Galaxy Note GT-N7000
– Samsung Galaxy S2 GT-I9100
– AT&T Samsung Galaxy S2 GT-I777
Affected Exynos 4412 devices:
– Samsung Galaxy S3 GT-I9300
– Samsung Galaxy S3 LTE GT-I9305
– Samsung Galaxy Note 2 GT-N7100
– Samsung Galaxy Note 2 LTE GT-N7105
– Samsung Galaxy Note 10.1 GT-N8000
– Samsung Galaxy Note 10.1 GT-N8010
Official Statement by Samsung:-
Samsung is aware of the potential security issue related to the Exynos processor and plans to provide a software update to address it as quickly as possible.
The issue may arise only when a malicious application is operated on the affected devices; however, this does not affect most devices operating credible and authenticated applications.
Samsung will continue to closely monitor the situation until the software fix has been made available to all affected mobile devices.
(Source: AndroidCenteral)