Got a Samsung Galaxy SIII? Maybe a Galaxy Note? Well listen up because there's a new boogeyman on the loose. According to a thread at XDA Developers, there's an exploit out there that can let Android malware apps get at all your physical memory, for the purposes of stealing your data or deleting it or whathaveyou.
The exploit was found by a user called Alephzain who was able to use it to root his Samsung Galaxy S III, but the flaw also extends to a number of Samsung phones, all of which have certain Exynos processors, a key element to using the exploit. It's working in practice too, another user called Chainfire has already build an apk that can use the "ExynosAbuse" to root a number of devices including:
Samsung Galaxy S2 GT-I9100
Samsung Galaxy S3 GT-I9300
Samsung Galaxy S3 LTE GT-I9305
Samsung Galaxy Note GT-N7000
Samsung Galaxy Note 2 GT-N7100
Verizon Galaxy Note 2 SCH-I605 (locked bootloaders)
Samsung Galaxy Note 10.1 GT-N8000
Samsung Galaxy Note 10.1 GT-N8010
It's worth noting the Nexus 10 is safe because it has a Exynos 5 chip instead of a 4.
Users on the thread have reached out to Samsung to share information about the vulnerability, but Samsung has yet to come out and say anything about it. In the meantime, the affected devices are susceptable to all kinds of attack by malware apps, although there are no confirmed cases of attack, so far. If you needed another reason to not going around downloading sketchy apps on your GSIII, this ought to do the trick. [XDA Developers via The Next Web]