Issue #1047
closedFutex (aka Towelroot) vulnerability - CVE-2014-3153
0%
Description
I hope it's a good idea to open a bug ticket about the forum topic: http://redmine.replicant.us/boards/9/topics/6903
Summary
Replicant is (at the moment) vulnerable to the Towelroot security issue.
More informations: http://zomo.herokuapp.com/blog/2014/06/21/pinkie-pies-cve-2014-3153
There seem to exist "android_kernel_samsung_exynos5410" (= AFAIK: Samsung Galaxy S4) patches for CM 11.0:
Main fix:
https://github.com/CyanogenMod/android_kernel_samsung_exynos5410/commit/89bc203bad3b921c6a38a6651b3b46809787d654
Some more (probably optional) fixes:
https://github.com/CyanogenMod/android_kernel_samsung_exynos5410/commit/69e8fe3662e77dd22496314307523c5cd91739e8
https://github.com/CyanogenMod/android_kernel_samsung_exynos5410/commit/5013b860800a0648b996f0a42a5c6aaba03ad06c
https://github.com/CyanogenMod/android_kernel_samsung_exynos5410/commit/11cf6decfdf6b09479caa5b371d32eb5d1b311f2
https://github.com/CyanogenMod/android_kernel_samsung_exynos5410/commit/62a1297de30048e88046348c187613e186580c4a
https://github.com/CyanogenMod/android_kernel_samsung_exynos5410/commit/1e1a82e907b5b9d78b57f0f9576ff46689731ae2
Hope there is an easy way to fix that behavior in Replicant.