October 3, 2015 10:00 am
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/xM6Nt9ttxc4/samsung-decides-not-to-patch-kernel-vulnerabilities-in-some-s4-smartphones
Samsung Decides Not To Patch Kernel Vulnerabilities In Some S4 Smartphones
An anonymous reader writes: QuarksLAB, a security research company, has stumbled upon two kernel vulnerabilities for Samsung Galaxy S4 devices, which Samsung has decided to patch only for recent devices running Android Lollipop, but not Jelly Bean or KitKat. The two vulnerabilities (kernel memory disclosure and kernel memory corruption) were discovered in February 2014 and reported to Samsung in August 2014, affecting the samsung_extdisp driver of Samsung S4 (GT-I9500) devices. Bugs break ASLR and lead to denial of service (DoS) state or even elevating attacker privileges.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/xM6Nt9ttxc4/samsung-decides-not-to-patch-kernel-vulnerabilities-in-some-s4-smartphones
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot