Galaxy S3, Galaxy Note 2, other Android handsets featuring certain Samsung Exynos chips in danger, as new exploit is found

by: Chris SmithDecember 16, 2012


We kept talking about Android malware these days, with various reports from security firms coming out to suggest that even more Android devices will be affected by malicious apps next year.

In addition to these reports, we have a new exploit discovery to show you, via xda-developers, that could prove to be harmful for various 2012 flagship Samsung products including the Galaxy S3 and Galaxy Note 2, but other devices that pack Exynos chips also.

xda user alephazin has discovered a vulnerability in Exynos processors version 4210 and 4412 that essentially allows any Android app to access and control the whole device:


Recently discover a way to obtain root on S3 without ODIN flashing.
The security hole is in kernel, exactly with the device /dev/exynos-mem.

This device is R/W by all users and give access to all physical memory … what’s wrong with Samsung ? […]

The good news is we can easily obtain root on these devices and the bad is there is no control over it.

Ram dump, kernel code injection and others could be possible via app installation from Play Store. It certainly exists many ways to do that but Samsung give an easy way to exploit. This security hole is dangerous and expose phone to malicious apps. Exploitation with native C and JNI could be easily feasible.

Moreover, user Chainfire has already managed to come up with a one-click root method based on this exploit – called Exynos Abuse. And Samsung has been notified about the whole issue.

The company is yet to offer an explanation for this potentially harmful exploit, so meanwhile we’ll just list some of the devices that could be affected, at least in theory, by malicious apps that would target this exploit:

  • Samsung Galaxy S2 GT-I9100
  • Samsung Galaxy S3 GT-I9300
  • Samsung Galaxy S3 LTE GT-I9305
  • Samsung Galaxy Note GT-N7000
  • Samsung Galaxy Note 2 GT-N7100
  • Verizon Galaxy Note 2 SCH-I605 (with locked bootloaders)
  • Samsung Galaxy Note 10.1 GT-N8000
  • Samsung Galaxy Note 10.1 GT-N8010.

We’ll be back with more news once we have it.

  • chanman


  • It could put down the drain all the prestige that Samsung built within the Android community in recent years.

    Right now I can not even think about buying one of these phones! At least until Samsung gives some explanation …

    And be sure it will rain jokes coming from Apple fans.

  • Lol

  • Apple_Guy

    Karma bites, doesn’t it Samsung? Here’s an re-wording of your ad last week right back at you…


    Should have got a Apple iPhone 5

    Get security you can trust.

    • Ian Thomas

      @e3c3a95460d50e279c2b2b580ebca7d8:disqus sigh.. its an electronic device therefore it can be broken and misused, period. Stop with the fan boy nonsense. Look you’re precious iPhone can be hacked as well.

    • Zero0

      This sounds exceedingly similar to an iDevice exploit that came about a couple years ago. Said exploit made it possible to jailbreak a device by opening a webpage.

      This exploit allows root access by running an app.

    • aCe manayan

      HAH! you doche…think before you type, were even know..

  • James Legault

    All eyes on Samsung. Let’s see if the can fix this, yesterday.

  • Pretty sure this isn’t that big a deal. Does no one remember the app z4root? Didn’t that do just this? Open the app and click root

  • 0m1

    shyt, is that the reason my 1 month old galaxy s3 performs like shyt, terrible lags due to unstable Ram usage, 796mb+ with hardly any apps installed(selected few trusted lightweight apps). 2 service center visits and 3-4 online complaints yet unsolved. The best suggestion the tech guy at the service center gave me was to keep on “Clearing The RAM”. (yes, a technician says that). The same problem persists even after the Jelly Bean update via KIES, Though the service center guy also reloaded the firmware twice(that’s what he claims to be a solution after trying to make him understand something’s wrong). Feels like I donated 650USD(35550 INR). None of my friends using a galaxy s3(i9300) have such an issue. :(

    • Robert McCallum

      LoL well that’s one person that has problems with the s3. Next!

      • 0m1

        man, its high time for the largest smartphone maker to ensure that the service lives upto the standards set by their products, hottest selling gadget in the history and this level of service( n i get the defective one). :( finally i got through the front-men. now m supposed to get a call from their higher ups, hope they don’t turn out to be the same.

  • Trudy

    If it wasn’t a problem before it sure will be now that the whole world knows about it. JESUS!

    • ailurophile

      Why invoke a deity?

  • ailurophile

    Huh? All those acronyms and jargon, I don’t know if I’m at risk or not. I’ve got an S 3; how do I find out what chip it’s got? I don’t know what all those alphanumeric codes mean, This provided no useful information whatsoever. Wasted my time reading it, because I can’t interpret it. Very very poor job of journalism. I don’t know any more than I did before reading it. C;mon, Chris Smith, you’re identified as a writer – write!

    • RarestName

      Is it really that hard to Google them?

      • Mike Reid

        Actually yeah, it’s hard to get certain details right at least.

        North American versions using the Qualcomm SOC are not affected. I didn’t think any North American versions had Exynos, but perhaps the GT-i9305 does ?

        Anyway, there’s a workaround here & it doesn’t require root:

  • th3d

    No problem, it requires an app, a webpage is not enough. I dont sideload apps (and i dont visit suspicious web pages), and i doubt a Play Store app will get 3 stars if it has a root exploit so i feel very safe on my Note 2.

  • aeg

    So moral of the story is: Download trusted apps. It’s not that hard.

  • Jared Persinger

    Now for Google’s Motorola to swoop in and steal the spotlight!!

  • Tamara Jessup

    People knock AT&T, but its phones and plans fit my husband’s and my budget – and because its devices don’t use Exynos we’re now spared this security issue. Thanks, AT&T! :-)