Root can be achieved easily, malicious apps can perform kernel code injections
Samsung’s high-end Galaxy S III and Galaxy Note II smartphones, as well as other devices powered by the company’s Exynos 4210 and Exynos 4412 processors are said to be vulnerable to a kernel exploit.An XDA-Developers forum member has discovered the flaw in these devices, and says that it allows for rooting them without the need of Odin.
“The security hole is in kernel, exactly with the device /dev/exynos-mem,” said forum member notes in a recent post.
He also notes that, while the exploit allows users to easily gain root access on these devices, there’s no control over it. This means that malicious applications can perform kernel code injections, and do other harmful actions on these smartphones.
Apparently, Samsung is already aware of the situation, though the company hasn’t yet released an official statement on the matter.