CVE-2012-6422
Samsung Galaxy S2, Galaxy Note 2, MEIZU MX - Arbitrary Physical Memory Access via /dev/exynos-mem Weak Permissions
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-6422. PoCs published by wired0ut.
AI-analyzed exploit summary This repository contains a functional exploit for CVE-2012-6422, targeting the Exynos-Mem vulnerability in older Samsung phones. The exploit patches the kallsyms format string to bypass %pK restrictions, extracts the nsown_capable symbol address, and overwrites it to return true, granting root privileges via setuid(0).
Description
The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted application, as demonstrated by ExynosAbuse.
Exploits (1)
This repository contains a functional exploit for CVE-2012-6422, targeting the Exynos-Mem vulnerability in older Samsung phones. The exploit patches the kallsyms format string to bypass %pK restrictions, extracts the nsown_capable symbol address, and overwrites it to return true, granting root privileges via setuid(0).