CVE-2014-0973: Possible Bootloader Unlock?

Status
Not open for further replies.

thewebsiteisdown

Even if Samsung has their own source tree for lk/aboot, it wouldn't be surprising that (a) they already know about this and (b) they might have patched it already in their own sources. The real question is if it's patched in the binary that's on the phone.. and the way to figure that out is to disassemble the code knowing what you're looking for. And no, I do not care to do this.. I'm not qualified to.. because I know people will ask :p


It was just reported within the last week so I doubt they knew about it, just saying.
 


thewebsiteisdown

Oh well, it's always fun getting a little excitement:p

And on a side note, kinda mean for him to say something 99% of the community doesn't quite know, so just a simple "no" is better.

Sent from my SM-G900V using XDA Free mobile app


Yeah that was pretty rude of him wasn't it? Wow, great communicator to the crowd that one...
 

garwynn

Retired Forum Mod / Inactive Recognized Developer
Yeah that was pretty rude of him wasn't it? Wow, great communicator to the crowd that one...

Think about it this way. There are two ways to handle when this situation arises
1) Identify the specific thread or user and say something, effectively calling them out.
2) Use a generalization to get the same point across (aka tact)

Keep in mind people are probably spamming him and @djrbliss to crazy town on these.
Professionally he did communicate that well. It gets the message across without singling anyone out.

So, in summary, it's being said that this can't be exploited by a known security expert.
Let's call it a day on this one unless something changes that.
Thank you for your time.
 

Top Liked Posts

  • 4
    Idk if starting a bounty for everything: root, safestrap, and bootloader is really a good idea. I mean I get it for some stuff like root, obviously that was needed but do you guys really want to have to buy every single mod? maybe we should cool our heels a bit enjoy root and see what comes our way before we start opening up our wallets, you can always donate after the fact.

    Sent from my SM-G900V using XDA Premium 4 mobile app
    3
    Little side note,.....You know it's funny how the community works. On one hand, 2 months ago we had one of the most secured phones on the market. Then we had a community up in arms about not having root bootloader unlock etc etc. Not so much up in arms maybe but upset root didn't come as quick as it did. Fast forward 1 month, people learning to live without root, people giving up all hope and dumping the device, people getting further frustrated, and many people looking into any exploit found to see if it can be done for us. And then another month later we get root and everything that happened beforehand is gone....people learning to live without it - rooted, people who gave up - rooted, those who were frustrated - rooted and can finally sleep at night.

    Now something like this comes up.....
    It sounds like it may work just based on the CVE description, but I'm not sure how much it pertains to the S5. I'm happy with root and man if this worked the flood gates will truly open.
    1
    A new CVE was found yesterday pertaining to the Little Kernel bootloader, which is closely related to the Samsung bootloader. This CVE would allow us to load our own images and possibly unlock the bootloader permanently. There is a patch for it; however, first looks suggest that the S5 bootloader may not be patched if it is exploitable. The link below explains the CVE and includes the link for the patch.

    https://www.codeaurora.org/projects...arsing-during-boot-image-authentication-leads

    Feel free to discuss this. However, please follow the forum rules, and only discuss bootloader subjects on this thread.

    Sent from my ROOTED white SM-G900V using XDA Premium 4
    1
    Someone start a bounty? I'd be willing to donate as I did for root.

    Sent from my SM-G900V using Tapatalk

    No need for that yet, as this isn't confirmed if it's related to us.