Exynos Security Bug

No doubt the press will be making the rounds on the recent Exynos 4 security issue. As of this morning, the patches for Exynos 4412 and 4210 have been merged into our 10.1 source. 

10.1 nightlies from this evening forward are not affected. We will also be working on adapting the patch to our jellybean and ics branches where necessary. 

Protip: In the end, security always comes down to you as an end user. Be smart, and educate others. 
 
Yes, that hurt... Will use my Captivate until a fix is offered.

Galaxy S III d2att  cm-10.1-20121218-NIGHTLY-d2att.zip
 
+Nick Vitha I don't think so. There are plenty of Exynos devices: S3, Note 2, S2, Note 1 and many tablets.
 
Wait.
I thought codeworkx had already patched this a few days ago.
 
+Abhisek Devkota  I see. My Google account was scrubbed by cm-10.1-20121218-NIGHTLY-d2att and removed the option under Accounts for Google. Where do I report a bug like this?
 
That's not a bug. So, you don't. Read yesterday's 'considerations' post, specifically the part on proprietary apps.
 
I'm curious, what practical danger does this exploit bring for average users?
 
Does this ROM have a nav bar?
 
Pleaseeeee NIGHTLY 10.1 for Hercules, Samsung Galaxy S2 T Mobile
 
+Bill Puckering hypothetically, an application could be available in the Play Store (assuming it bypasses Google's Bouncer and malware filter), that could gain full (root) rights to any phone utilizing this chipset and affected kernels. 

Practically, I think this would be a fairly simple thing for Google to filter for (if they don't already). The larger target here is that the Exynos 4 based S3's are the international variant. Couple that with the proliferation of Android in China and surrounding countries, and the abundance of rogue apps and market-like sources out there (including warez repos). This presents a mighty juicy target for data compromise, hacking, or usage of this exploit as a vector for more traditional malware behavior (i.e. silently install pay-for-SMS spam software, etc). 
 
+Ariel Giron Nightlies are highly unstable anyways. Plus Team Chopsticks is in charge of our device. It will come in due time.
 
Lesson learned: Never buy another +Samsung Mobile device.

By the time Samsung even admitted this critical bug, the community fixed it. For free! Doesn't +Samsung Mobile pay developers for this?

Why so seriously-slow, Samsung?
 
My S3 no longer accepts my Sim card after upgrading to 10.1?
 
+André Luz codeworkx put in an initial workaround a few days ago to remove world read/write permissions from the node for both 4210 and 4412.

This is still vulnerable if something manages to get access to the graphics group (which I believe any app given camera permissions by the user has), so 4210 contains a port of AndreiLux's patch which allows the exynos-mem device to ONLY be used for legitimate purposes (access to reserved memory regions).  A correction to the original post:  4412 does not have this additional patch yet.  A few issues with negative impacts on some devices need to be resolved, I'll be working on it tonight.
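The comment above describes two layers of mitigation: tightening the permissions on the device node, and then making the driver itself refuse any mapping outside its reserved memory regions. The following is an added example written for this page, not CyanogenMod's, AndreiLux's or Samsung's code: a userland model of the kind of range check a device mmap handler needs so that the node can only expose the regions it is entitled to, never arbitrary RAM. The region table, addresses and function names are constructed for illustration and do not correspond to the real Exynos memory map.

```c
/* Added example (not CyanogenMod's, AndreiLux's or Samsung's code): a userland
 * model of the range check a restricted device mmap handler needs.  All
 * addresses and region sizes below are constructed for illustration. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct mem_region {
    uint64_t start;   /* physical start address (constructed) */
    uint64_t size;    /* length in bytes */
};

/* Hypothetical reserved regions a camera/graphics driver may expose. */
static const struct mem_region reserved[] = {
    { 0x60000000ULL, 0x02000000ULL },   /* 32 MiB region, constructed */
    { 0x70000000ULL, 0x00800000ULL },   /*  8 MiB region, constructed */
};

/* Returns true only if [offset, offset+len) lies entirely inside one reserved
 * region.  A zero-length request is rejected, and so is any request whose
 * end address would wrap around, since arithmetic overflow is the classic
 * way an otherwise correct range check is bypassed. */
bool mmap_range_allowed(uint64_t offset, uint64_t len)
{
    if (len == 0)
        return false;
    if (offset > UINT64_MAX - len)      /* offset + len would wrap */
        return false;
    uint64_t end = offset + len;        /* exclusive end */
    for (size_t i = 0; i < sizeof reserved / sizeof reserved[0]; i++) {
        uint64_t rstart = reserved[i].start;
        uint64_t rend = rstart + reserved[i].size;
        if (offset >= rstart && end <= rend)
            return true;
    }
    return false;
}

/* The behaviour the thread describes for the unpatched node: every offset is
 * accepted, so a caller with access to the node can map any physical memory. */
bool mmap_range_unchecked(uint64_t offset, uint64_t len)
{
    (void)offset;
    (void)len;
    return true;
}

int main(void)
{
    struct { uint64_t off, len; } cases[] = {
        { 0x60000000ULL, 0x1000 },          /* inside region 0: allowed */
        { 0x61FFF000ULL, 0x2000 },          /* straddles the end of region 0 */
        { 0x00000000ULL, 0x1000 },          /* outside every region */
        { UINT64_MAX - 0x10, 0x100 },       /* would wrap around */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("offset 0x%llx len 0x%llx: unchecked=%d restricted=%d\n",
               (unsigned long long)cases[i].off, (unsigned long long)cases[i].len,
               mmap_range_unchecked(cases[i].off, cases[i].len),
               mmap_range_allowed(cases[i].off, cases[i].len));
    return 0;
}
```

The point of the contrast is that fixing node permissions alone still trusts every member of the graphics group; the in-driver check makes the node safe even for callers that legitimately have it open, and the end-exclusive, wrap-checked comparison is what keeps a request that starts inside a region from spilling past its end.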
 
+Dominik George it's neither upstream nor Linux. This is code they introduced specifically into their Exynos kernels. We inherited the issue by using their kernel sources.
 
Way to go CM team.. The big guns at the corporate should take note that this is how a critical issue is addressed.. Releasing a patch which takes months.. Are we in the 90's?
 
And to imagine the horror that Sammy is the largest phone manufacturer and I am sure sells the maximum number of droids.. And right now the hot sellers are the complete Exynos bandwagon.. These patches need to roll in just like the virus defs do.. Small sized patches.. Just like meds
 
Whoever thought that the way to make a camera driver was to give userland complete access to mem needs firing. Just another reason not to buy junk made by vendors who won't release their driver source.
 
I've got one of the European affected phones. I'm not worried. I've just froze all updates for all my apps and will refuse to put anything new into the phone until Samsung gets this update out.
Simple really.
And do I regret buying the S3 lte? Not a bit. It's probably the fastest user friendly phone I've ever had.

 
Do the Cm9 and CM10 builds need the same patches ? Or just CM10.1?
 
+Steven Harper the exploit is in all three, so yes, they will receive the patches as well (as mentioned in OP). 
 
+Steven Harper.. It's not CM.. It's a problem with all Exynos devices running any ROM.. The Exynos drivers that Sammy provides are responsible.. This means all ROMs currently on any Exynos device, except the latest CM10.1 nightlies which incorporate the same patches, need the fixes
 
+Kamal Tailor Timing...  All of the current Exynos4 maintainers decided that their current Exynos4 devices would be their last right around when it was released.  Plus even if we hadn't made that decision, all of us had purchased devices too recently.
 
+Steven Harper If you're still working with 9 or 10 source trees, feel free to cherry-pick the 4210 commits and gerrit them.  If you verify on your I9100, I'll arrange for them to be merged.  (I'm focusing on getting 4412 patched up tonight before I leave for the holidays.)
 
Thank you CM team :) yet another in the long list of reasons to love android!
 
Exynos 4412 and 4210? Merging into the 10.1 source? Jellybeans? Ics branches? Ohhh ... can you put that in English for me please?
 
+Nick Larson It means applying the same fix for people running CM9 or CM10 that use the chipsets 4412 and 4210.

So this means the i9100 and other Samsung devices
 
+Steven Harper Test the exploit and camera before/after on I9100.  (Exploit is easiest to test by putting the binary in /data/local/tmp)  If you +1 it, I'll recommend +Daniel Hillenbrand merge it for CM10/9.  I'm basically at the "no more CM until the new year" point.  Except maybe a "slay all the beasts" patch.
 
+Steven Harper Yup.  All Exynos 4210 devices (I9100/I777/N7000) are patched for 10.1.  As people test the backports on 10.0/9, they will get merged.

Exynos 4412 devices (I9300, N80xx, N7100) need a little more testing/work because Samsung has at least 3 different memory architectures used for camera for those devices.
 
This bug is also present in the +Lenovo K860, which uses the Exynos 4412. I wish to see CM ports to this device as well.
 
That is bsht, nothing's gonna happen.
 
/OT Just out of curiosity, I know that most OS upgrades take so long as OEM's QC, but don't they have some sort of fast track for serious security holes?
 
I flashed my I8150 to CM9 and no Google app was installed. How can I get them back? 
 
Looks like the fix was merged into ics a couple days after the original post (http://review.cyanogenmod.org/28802).  I sure would like to see an i777 cm9 build with this.  It'd be a shame if samsung actually beat cyanogenmod to a stable release with this security hole fixed...
 
I don't know what this is all about.. but why should I use a phone or tablet which has an issue??
 
I'm having problems with the language, I'm on a tablet.
 
Starting to see news reports that Samsung has been doing over the air updates to resolve this security hole for the past couple weeks.  I still can't find that any stable CM builds have been made available with this fix.  Should we assume at this point that it's DIY on security builds if we're not ready to jump to the latest CM10.1 nightlies?
 
+John Toby Knudsen I know it's late, but I found your comment because I was dealing with the same problem. In fact, I solved it the standard way, by flashing the "Google Apps" again (4.2.1, GNEX in my case). I think this should also solve any future problems you have with your Google account. Make sure you flash only the Gapps which match your Android version. Best wishes