hear, hear
Tomasz Torcz
hear, hear
Originally shared by Arjan van de VenThis is waaay worse than it sounds.
This was not some unfixed known kernel exploit.
This was a DELIBERATE design decision. Lawyers should have a lot of fun with this.
Oh and by the way.. your phone very likely is still vulnerable, there's no sign of a wide ranging set of fixes being deployed.
If you haven't read what the security "hole" was:
These devices have a modified copy of the /dev/mem device driver (but renamed), where the device node has WORLD WRITE permissions.
Not by accident, but deliberately, because that's how the camera "userspace driver" was supposed to work.
If you wonder why they had to modify the /dev/mem driver.... they had to modify/clone the /dev/mem driver, because the normal /dev/mem driver since some time no longer allows for access to kernel memory, only to device memory.... So..... someone went and copied the driver, and then removed this restriction... and made the device node world writeable.
That's seriously inexcusable.
Lets see how long it takes for the long list of devices to get their security fix delivered, since the impact is quite serious.
(Oh and why bother going through the "secure boot" hassle if you make basic moronic design decisions like this)
This was not some unfixed known kernel exploit.
This was a DELIBERATE design decision. Lawyers should have a lot of fun with this.
Oh and by the way.. your phone very likely is still vulnerable, there's no sign of a wide ranging set of fixes being deployed.
If you haven't read what the security "hole" was:
These devices have a modified copy of the /dev/mem device driver (but renamed), where the device node has WORLD WRITE permissions.
Not by accident, but deliberately, because that's how the camera "userspace driver" was supposed to work.
If you wonder why they had to modify the /dev/mem driver.... they had to modify/clone the /dev/mem driver, because the normal /dev/mem driver since some time no longer allows for access to kernel memory, only to device memory.... So..... someone went and copied the driver, and then removed this restriction... and made the device node world writeable.
That's seriously inexcusable.
Lets see how long it takes for the long list of devices to get their security fix delivered, since the impact is quite serious.
(Oh and why bother going through the "secure boot" hassle if you make basic moronic design decisions like this)
Samsung devices vulnerable to dangerous Android exploit
Shared with: Public
+1'd by: Edward Tomasz Napierała
Reshared by: Edward Tomasz Napierała
Comments
Comments powered by Disqus