Unrated severityNVD Advisory· Published Dec 18, 2012· Updated Apr 29, 2026

CVE-2012-6422

Description

The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted application, as demonstrated by ExynosAbuse.

Affected products

Meizu/Mx
cpe:2.3:h:meizu:mx:-:*:*:*:*:*:*:*
Samsung/Galaxy Note 2
cpe:2.3:h:samsung:galaxy_note_2:-:*:*:*:*:*:*:*
Samsung/Galaxy S2
cpe:2.3:h:samsung:galaxy_s2:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

forum.xda-developers.com/showthread.phpnvdExploit
arstechnica.com/security/2012/12/developer-warns-of-critical-vulnerability-in-many-samsung-smartphones/nvd
forum.xda-developers.com/showthread.phpnvd
osvdb.org/88467nvd
project-voodoo.org/articles/instant-fix-app-for-exynos-mem-abuse-vulnerability-no-root-required-reversiblenvd
www.sammobile.com/2012/12/16/major-vulnerability-found-on-exynos-4-devices/nvd
www.securityweek.com/new-vulnerability-exposed-samsungs-android-devicesnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000