CVE-2012-6422

Samsung Galaxy S2, Galaxy Note 2, MEIZU MX - Arbitrary Physical Memory Access via /dev/exynos-mem Weak Permissions

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-6422. PoCs published by wired0ut.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2012-6422, targeting the Exynos-Mem vulnerability in older Samsung phones. The exploit patches the kallsyms format string to bypass %pK restrictions, extracts the nsown_capable symbol address, and overwrites it to return true, granting root privileges via setuid(0).

Description

The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted application, as demonstrated by ExynosAbuse.

Exploits (1)

nomisec WORKING POC 1 stars
by wired0ut · poc
https://github.com/wired0ut/CVE-2012-6422

This repository contains a functional exploit for CVE-2012-6422, targeting the Exynos-Mem vulnerability in older Samsung phones. The exploit patches the kallsyms format string to bypass %pK restrictions, extracts the nsown_capable symbol address, and overwrites it to return true, granting root privileges via setuid(0).

Classification
Working Poc 100%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Samsung Exynos-based devices with vulnerable /dev/exynos-mem permissions
No auth needed
Prerequisites: Access to /dev/exynos-mem with read/write permissions · Kernel memory layout knowledge (PAGE_OFFSET, KERNEL_START, KERNEL_END)
mistral-large-3 · analyzed Jun 04, 2026 Full analysis →

Scores

EPSS 0.1516
EPSS Percentile 96.4%

Details

CWE
CWE-264
Status published
Products (3)
meizu/mx
samsung/galaxy_note_2
samsung/galaxy_s2
Published Dec 18, 2012
Tracked Since Feb 18, 2026