CINXE.COM

Samsung Mobile Security

<!DOCTYPE html> <html lang="en"> <head> <!--HTTP 1.1--> <meta charset="UTF-8" /> <meta http-equiv='X-UA-Compatible' content='IE=edge' /> <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1, user-scalable=no" /> <link rel="stylesheet" href="/jquery/css/basic.css" type="text/css" /> <link rel="stylesheet" href="/./external/attach/css/attachment.css" /> <script src="/./jquery/jquery-1.12.2.js" type="text/javascript"></script> <script src="/./jquery/jquery-ui/jquery-ui.js" type="text/javascript"></script> <script src="/./jquery/validation/sdp.validate.js" type="text/javascript"></script> <script src="/./jquery/jquery.simplemodal.js" type="text/javascript"></script> <script src="/./js/portalCommon.js" type="text/javascript"></script> <script src="/./js/numberFormat.js" type="text/javascript"></script> <script src="/./js/menu.js" type="text/javascript"></script> <script src="/./js/common.js" type="text/javascript"></script> <script src="/./js/commonCalendar.js" type="text/javascript"></script> <script src="/./js/billboard/d3.min.js" charset="utf-8"></script> <script src="/./js/billboard/billboard.min.js"></script> <link href="/./js/billboard/billboard.min.css" rel="stylesheet"> <link rel="stylesheet" href="/css/style.css?ver=20241008_a2" type="text/css" /> <!-- <link rel="stylesheet" href="/css/error.css" type="text/css" /> --> <!--[if IE]> <script src="/./js/html5.js"></script> <![endif]--> <title>Samsung Mobile Security</title> <link rel="shortcut icon" href="./images/common/favicon.ico" type="image/x-icon"> <link rel="icon" href="./images/common/favicon.ico" type="image/x-icon"> <script type="text/javascript"> var contextPath="/."; var language = 'en_US'; // 2022-10-27 session time out check if('' != ""){ sessionCheck(); } var sameSiteVal = ["Lax;", "None; Secure", "stric;"]; document.cookie = 'LANGUAGE=; expires=Thu, 01 Jan 1970 00:00:01 GMT; SameSite='+sameSiteVal[0]; //document.cookie = 'LANGUAGE=; expires=Thu, 01 Jan 1970 00:00:01 GMT;'; var cookieAccept = 'null'; $(document).ready(function() { /* 2023-10-10 버튼 효과 삭제 $(".menu > li").on("click", function(){ $(this).children("a").addClass("on"); }); */ //개인화 메뉴 펼치기 $(".personal_menu").click(function(){ $(".personal_box").slideToggle("fast"); $('.close_search').hide(); $('.wrap_search .wrap_input').hide(); $('.open_search').css('visibility','visible'); }); //mobile_ 메뉴 펼치기 $(".m_btn_menu").click(function(){ $(this).hide(); $('.m_btn_menu_close').show(); $('.wrap_m_menu').slideDown('fast'); $('.back_bg').fadeIn('fast'); }); $(".m_btn_menu_close").click(function(){ $(this).hide(); $('.m_btn_menu').show(); $('.wrap_m_menu').slideUp('fast'); $('.back_bg').fadeOut('fast'); }); //상단 검색 $('.open_search').click(function(){ $(".personal_box").slideUp("fast"); $('.wrap_search .wrap_input').show(); $(this).css('visibility','hidden'); $('.close_search').show(); $('.wrap_search .wrap_input').focus(); }); $('.close_search').click(function(){ $(this).hide(); $('.wrap_search .wrap_input').hide(); $('.open_search').css('visibility','visible'); }); $("#androidUpdatesMobileKey,#androidUpdatesWebKey").keydown(function (key) { if(key.keyCode == 13){//키가 13이면 실행 (엔터는 13) androidUpdatesSearch(this.id); } }); // 20210511 - 메뉴 슬라이드 $(".menu").hover(function(){ $(".submenu").show(); $(".submenu_bar").show(); /* if ($("#header").hasClass("menu_fix")){ } else { $(".submenu").show(); $(".submenu_bar").show(); } */ }).mouseleave(function(){ $(".submenu").hide(); $(".submenu_bar").hide(); }) //menu fixed function eventMenuFix(){ var menu = $('.mh'); var menu_offset = $('.mh').offset(); var submenu = $('.submenu'); $(window).scroll(function(){ if ($(this).scrollTop() >= menu.height() && $(window).width() > 1023){ menu.addClass('menu_fix'); }else { menu.removeClass('menu_fix'); }; }); }; if($(window).width() > 1023){ $('#header').addClass('mh'); eventMenuFix(); }else if($(window).width() < 1023){ $('#header').removeClass('mh'); eventMenuFix(); }; eventMenuFix(); //top btn $(".mtop_wrap button.mtop").click(function(){ $("html, body").animate({scrollTop:0}, 400); }); $("button.wtop").click(function(){ $("html, body").animate({scrollTop:0}, 400); }); // 쿠키 설정 확인 if( cookieAccept != 'Y' ) { //alert('aa'); //$(".fullscreen").removeClass('none'); setTimeout("createCookie()", 1000); } // 20210504 - Cookies Layer $(".txt_link_cookies, .btn_footer_cookie").on("click",function(){ $("#cookies_layer").fadeIn(); }) $("a.btn_cookies_close").on("click",function(){ $("#cookies_layer").fadeOut(); }) // 20210504 - Cookie-banner close $("a.btn_cookie_banner_close").on("click",function(){ $(".fullscreen").fadeOut(); }) }); function createCookie(){ $(".fullscreen").fadeIn(); //$(".fullscreen").slideUp(); } function movePage(pageUrl) { var d = new Date(); var timeZoneHour = d.getTimezoneOffset() / 60; timeZoneHour = -1 * timeZoneHour; $("input[name='timeZoneHour']").val(timeZoneHour); document.menuMoveForm.action=pageUrl; document.menuMoveForm.submit(); } function androidUpdatesSearch(searchObj) { var androidSearchText = $("#"+searchObj).val(); var pattern = /^[a-zA-Z0-9|-]*$/; if(androidSearchText=="") { alert('Please enter the search word.'); } else if(pattern.test(androidSearchText)) { $("#androidSearchText").val(androidSearchText); document.androidUpdatesSearchForm.submit(); } else { alert('You can not enter characters other than uppercase and lowercase letters, numbers, "-".'); } } function goCookieAccept() { var params = {}; $.ajax({ type:'POST', url:'/./cookieAccept.smsb', data:params, dataType:'json', async:false, success:function(ret) { hideLoading(); if( ret.success == true ) { $(".fullscreen").fadeOut(); cookieAccept = 'Y'; } else { alert("Please contact administrator!"); } }, error : function(request, err, ex) { hideLoading(); //alert('Please contact administrator'); alert("Please contact administrator" + "\n" + "code : " + request.status + "\n" + "message : " + request.responseText + "\n" + "error : " + err + "\n" + "ex : " + ex); } }); } function goLogin(){ /* if( cookieAccept != 'Y' ) { $(".fullscreen").fadeIn(); alert('If you continue to submit report, please accept cookies form this site.'); return; } */ var url = '/sa/anonymous/loginPage.do'; openPage(url); } function myFunction() { document.getElementById("myDropdown").classList.toggle("show"); } window.onclick = function(event) { var matches = event.target.matches ? event.target.matches('.dropbtn') : event.target.msMatchesSelector('.dropbtn'); if (!matches) { var dropdowns = document.getElementsByClassName("dropdown-content"); var i; for (i = 0; i < dropdowns.length; i++) { var openDropdown = dropdowns[i]; if (openDropdown.classList.contains('show')) { openDropdown.classList.remove('show'); } } } } </script> <script> </script> </head> <body> <!-- Cookie 설정 --> <div class="fullscreen visible"><div class="leica-overlay content-container"><div class="cookie-banner"> <a href="javascript:goCookieAccept();" class="btn_cookie_banner_close" data-role="accept-all-cookies">close</a> <div class="contentlayercontent"> <div class="cookie-banner__body row"> <div class="col"> <p class="cookie_banner_tit">Samsung Mobile Security and Cookies</p> <p>Our site uses essential cookies only. You can read our <a href="./privacy/global/privacy_notice.html" class="txt_link2" title="Privacy Policy" target="_blank">Privacy Policy</a> and <a href="javascript:void(0)" class="txt_link2 txt_link_cookies" title="Cookie Policy">Cookie Policy</a> for more information.</p> <!--<p>This site uses cookies to provide you the best user experience possible with optimized functionality. By continuing to use this site, you accept our <a href="./etc/cookiePreferences.html" class="txt_link2" title="Cookie Preferences">use of cookies</a>//--> </div> <!-- <div class="col span12"> <a href="javascript:goCookieAccept();" class="button" data-role="accept-all-cookies">Accept</a> </div> //--> </div> </div> </div></div></div> <!-- 210504 - Cookies Layer Popup --> <div id="cookies_layer"> <a href="javascript:void(0);" class="btn_cookies_close">close</a> <div class="cookies_layer_inner"> <h2>Samsung Mobile Security <br>Cookie Policy</h2> <p class="cookies_dates">Updated on Jan 17, 2022</p> <div class="cookies_cont"> <p class="cookies_cont_txt">This Cookie Policy describes the different types of cookies that may be used in connection with Samsung Mobile Security website which is owned and controlled by Samsung Electronics Co., Ltd (“Samsung Electronics”). This Cookie Policy also describes how you can manage cookies.<br><br> It’s important that you check back often for updates to the Policy as we may change it from time to time to reflect changes to our use of cookies. Please check the date at the top of this page to see when this Policy was last revised. Any changes to this Policy will become effective when we make the revised Policy available on our website.<br><br> Samsung Electronics has offices across Europe, so we can ensure that your request or query will be handled by the data protection team based in your region. If you have any questions, the easiest way to contact us is through our Privacy Support Page at <a href="https://www.samsung.com/request-desk" class="txt_link2" target="_blank">https://www.samsung.com/request-desk</a>. </p> <p class="cookies_cont_txt c_center">You can also contact us at:</p> <p class="cookies_cont_txt_box c_center">European Data Protection Officer<br> Samsung Electronics (UK) Limited<br> Samsung House, 2000 Hillswood Drive, Chertsey, Surrey KT16 0RS </p> <h4>Cookies</h4> <p class="cookies_cont_txt">Cookies are small files that store information on your computer, TV, mobile phone, or other device. They enable the entity that put the cookie on your device to recognize you across different websites, services, devices, and/or browsing sessions.<br><br> We use the following types of cookies on this website:<br><br> <b>Essential Cookies</b>: enable you to receive the services you request via our website. Without these cookies, services that you have asked for cannot be provided. For example, these enable to identify users and provide proper service for each user. These cookies are automatically enabled and cannot be turned off because they are essential to enable you to browse our website. Without these cookies this Samsung Mobile Security website could not be provided. </p> <div class="cookies_cont_tb"> <table> <thead> <tr> <th>Cookie</th> <th>Domain</th> <th>Purpose</th> </tr> </thead> <tbody> <tr> <td>JSESSIONID</td> <td>security.samsungmobile.com</td> <td>to keep login session</td> </tr> <tr> <td>lastActivityTime</td> <td>security.samsungmobile.com</td> <td>to save the user's last activity time to automatically logout after 30 minutes of inactivity</td> </tr> </tbody> </table> </div> <h4>Managing Cookies and Other Technologies</h4> <p class="cookies_cont_txt">You can also update your browser settings at any time, if you want to remove or block cookies from your device (consult your browser's "help" menu to learn how to remove or block cookies). Samsung Electronics is not responsible for your browser settings. You can find good and simple instructions on how to manage cookies on the different types of web browsers at <a href="http://www.allaboutcookies.org" class="txt_link2" target="_blank">http://www.allaboutcookies.org</a>.</p> </div> </div> </div> <!-- //210504 - Cookies Layer Popup --> <!-- skipnav --> <div id="skipnav"> <a href="#gnb">Go straight to the menu</a> <a href="#home">Go straight to the text</a> </div> <!-- //skipnav --> <!-- wrap --> <div id="wrap"> <!-- header --> <header id="header_wrap"> <div id="header" class="main_header"> <div class="header_inner"> <div class="wrap_top"> <h1 class="logo"><a href="/./main.smsb"><strong>Samsung </strong>Mobile Security</a></h1> <!-- web --> <div class="gnb" id="gnb"> <!-- menu --> <ul class="menu"> <li><a href="/./workScope.smsb">Security Updates</a> <ul class="submenu"> <li><a href="/./workScope.smsb">Scope</a></li> <li><a href="/./securityUpdate.smsb">Firmware Updates</a></li> <li><a href="/./serviceWeb.smsb">Other Updates</a></li> </ul> </li> <li><a href="/./securityReporting.smsb">Security Reporting</a> <ul class="submenu"> <li><a href="/./securityReporting.smsb">Reporting</a></li> <li><a href="/./securityReportingProcess.smsb">Process</a></li> <li><a href="/./securityReportingRiskClassification.smsb">Severity Classification</a></li> </ul> </li> <li><a href="/./rewardsProgram.smsb">Rewards Program</a> <ul class="submenu"> <li><a href="/./rewardsProgram.smsb">How it works</a></li> <li><a href="/./hallOfFameInfo.smsb">Hall of Fame</a></li> </ul> </li> <li><a href="/./securityPost.smsb">Security Post</a></li> </ul> <!-- //menu --> <div class="toplink"> <span class="t_btn_login"><a href="javascript:goLogin();" title="Go to login">Login</a></span> <!-- Search --> <div class="wrap_search"> <a href="javascript:;" class="open_search">Search</a> <a href="javascript:;" class="close_search" style="display:none">Search Close</a> <div class="wrap_input" style="display:none"> <input id="androidUpdatesWebKey" name="androidUpdatesWebKey" type="text" placeholder="Enter the search word(ex. CVE, SVE.. )" title="search" style="height:100%;border:0px;"> <a href="javascript:androidUpdatesSearch('androidUpdatesWebKey')" class="btn_search">Search</a> </div> </div> <!-- //Search --> <!-- [D]login 후 개인화 메뉴 --> </div> </div> <!-- //web --> </div> <!-- mobile --> <div class="wrap_mobile_menu"> <div class="m_toplink"> <button type="button" class="m_btn_menu" title="Total Menu">Total Menu</button> <button type="button" class="m_btn_menu_close" title="Close the entire menu">Close the entire menu</button> </div> <div class="wrap_m_menu"> <!-- Search --> <div class="wrap_m_search"> <div class="wrap_input"> <input type="text" id="androidUpdatesMobileKey" name="androidUpdatesMobileKey" placeholder="Enter the search word(ex. CVE, SVE.. )" title="search" style="height:100%;border:0px;"> <a href="javascript:androidUpdatesSearch('androidUpdatesMobileKey')" class="btn_search">Search</a> </div> </div> <!-- //Search --> <ul class="m_main_menu"> <li><a href="/./workScope.smsb">Security Updates</a></li> <li><a href="/./securityReporting.smsb">Security Reporting</a></li> <li><a href="/./rewardsProgram.smsb">Rewards Program</a></li> <li><a href="/./securityPost.smsb">Security Post</a></li> </ul> <ul class="m_personal_menu"> <li><a href="javascript:goLogin();" title="Go to login">Login</a></li> <!-- [D]login 후 개인화 메뉴 --> </ul> </div> <div class="back_bg"></div> </div> <!-- //mobile --> </div> <div class="submenu_bar"></div> </div> </header> <!-- //header --> <!-- 각 개발된 화면 UI 입력되는 Part --> <style> pre{ padding:10px; overflow: auto; white-space: pre-wrap; /* pre tag내에 word wrap */ } </style> <script type="text/javascript"> document.title = 'Security Updates Firmware Updates | Samsung Mobile Security'; $(document).ready(function() { $(".menu").find("li:eq(0)").find("a").addClass("on"); //아코디언 $(".accordion_banner .acc_title").click(function(e) { e.preventDefault(); $(".wrap_su_month a").removeClass("on"); var indx = $(this).data().a; var onMonth = $(this).data().b; if($(this).next("div").is(":visible")){ $(this).next("div").slideUp("fast"); $(this).children("a").removeClass("on"); $(this).children("a").attr("title","Detail view open"); //$(".wrap_ack").hide(); } else { $(".acc_sub").slideUp("fast",function() { fnMove(indx); }); $(".acc_title").children("a").removeClass("on"); $(this).next("div").slideToggle("fast",function() { fnMove(indx); }); $(this).children("a").addClass("on"); $(".wrap_su_month > ."+onMonth).addClass("on"); $(this).children("a").attr("title","Detail view closed"); //$(".wrap_ack").show(); } /* var mon = $(this).attr("id"); var showAck = "."+mon; $(".wrap_ack").find("div").hide(); $(showAck).show(); */ }); $(".su_year_box .close").click(function(e){ $(".su_year_box").slideToggle("fast"); }); //년도 닫기 $(".close_year").click(function(e){ $(".su_year_box").slideToggle("fast"); var year=$(this).text(); _search(year); $("#selyearOld").html(year+"<a href='javascript:void(0)' class='open_year'>Open selected window by year</a>"); $("#year").val(year); $(".open_year").click(function(e){ $(".su_year_box").slideToggle("fast"); }); }); //년도 펼치기 $(".open_year").click(function(e){ $(".su_year_box").slideToggle("fast"); }); //년도 펼치기 $(".prev").click(function(e){ var nowYear = $(".close_year:last").text(); var year=$("#selyear").text(); if(nowYear == year){ return; } _search(Number(year)-1); }); $(".next").click(function(e){ var nowYear = $(".close_year:first").text(); var year=$("#selyear").text(); if(nowYear == year){ return; } _search(Number(year)+1); }); /* $(".wrap_su_month .on").click(function(e){ clickMonth($(this).text()); var showAck = "."+$(this).text(); $(".wrap_ack").find("div").hide(); $(showAck).show(); }); */ $(".su_disc_btn").click(function(e){ e.preventDefault(); $("#su_disc").toggleClass('on'); }); $(".wrap_ack").find("div:first").show(); $(".wrap_su_month a:last").addClass("on"); $(".wrap_su_month a").blur(); $(".acc_title a:first").addClass("on"); $(".acc_title a:first").attr("title","Detail view closed"); $(".acc_sub:first").css("display", "block"); //$('.ent').text($('.ent').html().replace(/<br\s?\/?>/g,"\n")); // var dbTxt = $('.ent').html(); // dbTxt = dbTxt.replace(/<br>/g, '\n'); // $('.ent').text()=dbTxt; var monthArray = ['January', 'February', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December'] var pMonth = getParam('month'); if(pMonth) { var $month = $('.wrap_su_month').find('.' + monthArray[pMonth - 1]).not('.on'); if($month.length) { $month.trigger('click'); } } }); // url 에서 parameter 추출 function getParam(sname) { var params = location.search.substr(location.search.indexOf("?") + 1); var sval = ""; params = params.split("&"); for (var i = 0; i < params.length; i++) { temp = params[i].split("="); if ([temp[0]] == sname) { sval = temp[1]; } } return sval; } function _search(year) { var url = openPageUrl('/securityUpdate.smsb'); $("#year").val(year); document.searchForm.action=url; document.searchForm.submit(); $("#year").val(year); } function clickMonth(total,cnt,mon) { var id = "#"+mon; $(".wrap_su_month a").removeClass("on"); if($(id).next("div").is(":visible")){ $(id).next("div").slideUp("fast"); $(id).children("a").removeClass("on"); $(id).attr("tabindex", -1).focus(); $(id).children("a").attr("title","Detail view open"); $(".wrap_ack").hide(); } else { $(".acc_sub").slideUp("fast",function() { var indx = total - cnt; fnMove(indx) $(id).children("a").addClass("on"); $(".wrap_su_month > ."+mon).addClass("on"); }); $(".acc_title").children("a").removeClass("on"); $(id).next("div").slideToggle("slow",function() { var indx = total - cnt; fnMove(indx); $(id).children("a").addClass("on"); $(".wrap_su_month > ."+mon).addClass("on"); }); $(id).children("a").attr("title","Detail view close"); $(".wrap_ack").show(); } } function moveCont(total,cnt,mon){ clickMonth(total,cnt,mon); var showAck = "."+mon; $(".wrap_ack").find("div").hide(); $(showAck).show(); } function fnMove(seq){ var windowWidth = $( window ).width(); var pos = 62; if(windowWidth <1010){ pos = 0; } var offset = $("#" + seq).offset(); $('html, body').animate({scrollTop : offset.top-pos}, 0); } </script> <form id="securityupdate" name="searchForm" action="/securityUpdate.smsb" method="post"> <input id="year" name="year" type="hidden" value="2024"/> <!-- container --> <div id="container"> <div class="sub_visual_rn"> <span class="svrn1"></span> <div class="breadcrumb_rn"> <div> <a href="/main.smsb" class="ico_home" title="Go to Home" id="home">Home</a><span class="ico_arw">&gt;</span><a href="/workScope.smsb">Security Updates</a><span class="ico_arw">&gt;</span><em>Firmware Updates</em> </div> </div> </div> <div class="page_tit"> <h2 class="page_tit_wht">Security Updates</h2> </div> <div class="wrap_sub_menu"> <ul class="sub_menu"> <li><a href="/workScope.smsb"><span>Scope</span></a></li> <li class="on"><span>Firmware Updates</span></li> <li><a href="/serviceWeb.smsb"><span>Other Updates</span></a></li> </ul> </div> <!-- contents --> <div id="contents"> <div class="list_su_calendar"> <!-- top_calendar --> <div class="su_calendar"> <div class="su_year"> <div class="su_move"> <a href="javascript:;" class="prev">Move to the previous year</a> <a href="javascript:;" class="next">Move to the next year</a> </div> <div id="selyear" style="display:none">2024</div> <p id="selyearOld">2024<a href="javascript:void(0)" class="open_year">Open selected window by year</a></p> <div class="su_year_box"> <ul> <li class="close_year"><a href="javascript:;">2024</a></li> <li class="close_year"><a href="javascript:;">2023</a></li> <li class="close_year"><a href="javascript:;">2022</a></li> <li class="close_year"><a href="javascript:;">2021</a></li> <li class="close_year"><a href="javascript:;">2020</a></li> <li class="close_year"><a href="javascript:;">2019</a></li> <li class="close_year"><a href="javascript:;">2018</a></li> <li class="close_year"><a href="javascript:;">2017</a></li> <li class="close_year"><a href="javascript:;">2016</a></li> <li class="close_year"><a href="javascript:;">2015</a></li> </ul> <a href="javascript:;" class="close">Close selected window by year</a> </div> <div class="wrap_su_month"> <a class="January" href="javascript:void(0)" onclick="moveCont('11','1','January')">January</a> <a class="February" href="javascript:void(0)" onclick="moveCont('11','2','February')">February</a> <a class="March" href="javascript:void(0)" onclick="moveCont('11','3','March')">March</a> <a class="April" href="javascript:void(0)" onclick="moveCont('11','4','April')">April</a> <a class="May" href="javascript:void(0)" onclick="moveCont('11','5','May')">May</a> <a class="June" href="javascript:void(0)" onclick="moveCont('11','6','June')">June</a> <a class="July" href="javascript:void(0)" onclick="moveCont('11','7','July')">July</a> <a class="August" href="javascript:void(0)" onclick="moveCont('11','8','August')">August</a> <a class="September" href="javascript:void(0)" onclick="moveCont('11','9','September')">September</a> <a class="October" href="javascript:void(0)" onclick="moveCont('11','10','October')">October</a> <a class="November" href="javascript:void(0)" onclick="moveCont('11','11','November')">November</a> </div> </div> <!-- //calendar --> <!-- disclaimer --> <div class="su_disc"> <p><a href="#su_disc" class="su_disc_btn"><u><b>Disclaimer</b></u></a></p> <ul id="su_disc"> <li>Please note that in some cases regular OS upgrades may cause delays to planned security updates. However, users can be rest assured the OS upgrades will include up-to-date security patches when delivered.</li> <li>While we are doing our best to deliver the security patches as soon as possible to all applicable models, delivery time of security patches may vary depending on the regions and models.</li> <li>Some patches to be received from chipset vendors (also known as Device Specific patches) may not be included in the security update package of the month. They will be included in upcoming security update packages as soon as the patches are ready to deliver.</li> </ul> </div> <!-- //disclaimer --> </div> <!-- //top_calendar --> <!-- Acknowledgements --> <div class="wrap_ack" > <p><b>Acknowledgements</b></p> <div class="November" style="display:none;"> <pre style='font-family: "SamsungOne", Arial, sans-serif;'>Wenqiang Li: SVE-2024-0956 ycmint working at ADLab of VenusTech: SVE-2024-1214, SVE-2024-1222 Elias Schröder: SVE-2024-1240 Dawuge: SVE-2024-1481, SVE-2024-1524, SVE-2024-1651, SVE-2024-1699 Dzmitry Lukyanenka: SVE-2024-1520 Chen Jiang of vivo kM1rr0rs secLab: SVE-2024-1643 skyh1ll: SVE-2024-1666</pre> </div> <div class="October" style="display:none;"> <pre style='font-family: "SamsungOne", Arial, sans-serif;'>Knifefish: SVE-2024-0766 PORKODI RAJESH: SVE-2024-1387 Yifei Xie: SVE-2024-1490, SVE-2024-1492, SVE-2024-1494, SVE-2024-1495, SVE-2024-1496</pre> </div> <div class="September" style="display:none;"> <pre style='font-family: "SamsungOne", Arial, sans-serif;'>hsia.angsh : SVE-2023-1030 OrangeCat: SVE-2023-1487 balance: SVE-2024-0453, SVE-2024-1187, SVE-2024-1191, SVE-2024-1212, SVE-2024-1226 Ryan Johnson of Quokka: SVE-2024-0513 Knifefish: SVE-2024-0785 hackhackdump: SVE-2024-0852, SVE-2024-1154, SVE-2024-1155, SVE-2024-1381 Dawuge: SVE-2024-0918 khilli: SVE-2024-0970 Elias Schröder: SVE-2024-1009, SVE-2024-1278 VIGNESH.K.G: SVE-2024-1156</pre> </div> <div class="August" style="display:none;"> <pre style='font-family: "SamsungOne", Arial, sans-serif;'>balance: SVE-2023-1910, SVE-2024-1173, SVE-2024-1185, SVE-2024-0716 Heidi LiW: SVE-2024-0861, SVE-2024-0868 localh0ster: SVE-2024-0990 Dawuge: SVE-2024-0716, SVE-2024-1064, SVE-2024-1105 Ryan Johnson of Quokka: SVE-2024-1200 Yifei Xie: SVE-2024-1235 Patrik Gissleholm: SVE-2024-0385</pre> </div> <div class="July" style="display:none;"> <pre style='font-family: "SamsungOne", Arial, sans-serif;'>神经蛙: SVE-2023-1279 balance: SVE-2023-1514, SVE-2024-0547, SVE-2024-0788 Syed MD Mukit Rashid, Tianwei Wu, Abdullah Al Ishtiaq, Kai Tu, Yilu Dong, Ridwanul Hasan Tanvir, Syed Rafiul Hussain from SyNSec Lab at Penn State, and Omar Haider Chowdhury from Stony Brook University: SVE-2024-0067 开元米粉实力代购: SVE-2024-0144, SVE-2024-0146, SVE-2024-0148 Dzmitry Lukyanenka: SVE-2024-0194 Krishan Kumar: SVE-2024-0490 jch: SVE-2024-0700 khilli: SVE-2024-0772, SVE-2024-0829, SVE-2024-0830 hackpotato: SVE-2024-0810, SVE-2024-0811, SVE-2024-0812, SVE-2024-0818 Florian Draschbacher, Institute for Applied Information Processing and Communications (IAIK): SVE-2024-0834 Billy Jheng Bing Jhong & Pan ZhenPeng(@Peterpan0927) of STAR Labs SG Pte. Ltd.: SVE-2024-0882</pre> </div> <div class="June" style="display:none;"> <pre style='font-family: "SamsungOne", Arial, sans-serif;'>Chao Ma of Baidu Security: SVE-2023-2165 YunPeng Cai of vivo kM1rr0rs secLab: SVE-2023-2325 Dzmitry Lukyanenka: SVE-2024-0035, SVE-2024-0047 skyh1ll: SVE-2024-0209 Taeyang Lee (@5unkn0wn) from Theori: SVE-2024-0341, SVE-2024-0462 Marcel Busch (@0ddc0de) and Philipp Mao: SVE-2024-0434 balance: SVE-2024-0538, SVE-2024-0539</pre> </div> <div class="May" style="display:none;"> <pre style='font-family: "SamsungOne", Arial, sans-serif;'>Zhang Qing, Wang Kailong: SVE-2023-1778 Elias Schröder: SVE-2023-2193 Vijay Vignesh Baskaran: SVE-2023-2265 balance: SVE-2024-0041, SVE-2024-0042 Dzmitry Lukyanenka: SVE-2024-0070, SVE-2024-0071 Dohyun Lee (@l33d0hyun): SVE-2024-0092, SVE-2024-0096 Maxime Rossi Bellom at Quarkslab: SVE-2024-0234</pre> </div> <div class="April" style="display:none;"> <pre style='font-family: "SamsungOne", Arial, sans-serif;'>Zinuo Han https://twitter.com/ele7enxxh of OPPO Amber Security Lab: SVE-2023-2218, SVE-2023-2224, SVE-2023-2269, SVE-2023-2270, SVE-2023-2271, SVE-2023-2367, SVE-2023-2368 balance: SVE-2023-2389</pre> </div> <div class="March" style="display:none;"> <pre style='font-family: "SamsungOne", Arial, sans-serif;'>balance: SVE-2023-1793, SVE-2023-2382 Maxime Rossi Bellom and Damiano Melotti from Quarkslab: SVE-2023-2078, SVE-2023-2079 Chao Ma of Baidu Security: SVE-2023-2151 Dawuge: SVE-2023-2170 Zinuo Han https://twitter.com/ele7enxxh of OPPO Amber Security Lab: SVE-2023-2385</pre> </div> <div class="February" style="display:none;"> <pre style='font-family: "SamsungOne", Arial, sans-serif;'>OrangeCat: SVE-2023-1449 Tron: SVE-2023-1548 Dawuge: SVE-2023-1609, SVE-2023-1610, SVE-2023-1674, SVE-2023-1754 Erik Lucas Smit: SVE-2023-1685 Maxime Rossi Bellom, Damiano Melotti and Raphaël Neveu from Quarkslab: SVE-2023-2215</pre> </div> <div class="January" style="display:none;"> <pre style='font-family: "SamsungOne", Arial, sans-serif;'>Dzmitry Lukyanenka: SVE-2023-1689 Adnan Elezović: SVE-2023-1667 Febin Mon Saji: SVE-2023-1418 Dawuge: SVE-2023-1406</pre> </div> </div> <!-- //Acknowledgements --> <!-- accordion list --> <div class="accordion_banner" id="-1" > <div id='0'></div> <div class="wrap_acc"> <div class="acc_title" id="November" data-a="0" data-b="November"><a href="javascript:;" title="Detail view open">SMR-NOV-2024</a></div> <div class="acc_sub"> <font size="3">Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.<br /><br /><br /><font size="4">Google patches include patches up to Android Security Bulletin – November 2024 package. The Bulletin (November 2024) contains the following CVE items:</font><br /><br /><strong><font size="4">Critical</font></strong><br />None<br /><br /><strong><font size="4">High</font></strong><br />CVE-2024-23369, CVE-2024-34733, CVE-2024-34732, CVE-2024-33049, CVE-2024-40651, CVE-2024-40649, CVE-2024-34748, CVE-2024-38399, CVE-2024-33069, CVE-2024-40670, CVE-2024-40669, CVE-2024-20103, CVE-2024-20094, CVE-2024-20090, CVE-2024-20091, CVE-2024-20092, CVE-2024-20093, CVE-2024-20100, CVE-2024-20101, CVE-2024-40660, CVE-2024-43081, CVE-2024-43085, CVE-2024-43093, CVE-2024-43082, CVE-2024-43084, CVE-2024-43086, CVE-2024-43091, CVE-2024-29779, CVE-2024-34719, CVE-2024-40661, CVE-2024-43080, CVE-2024-43087, CVE-2024-43088, CVE-2024-43089, CVE-2024-43090, CVE-2024-43083, CVE-2024-31330, CVE-2024-38402<br /><br /><strong><font size="4">Moderate</font></strong><br />None<br /><br /><strong><font size="4">Already included in previous updates</font></strong><br />None<br /><br /><strong><font size="4">Not applicable to Samsung devices</font></strong><br />CVE-2024-43094<br /><br /><br /><i>※ Please see Android Security Bulletin for detailed information on Google patches.</i><br /><br /><br /><font size="4">Samsung Semiconductor patches are also included in this Security Maintenance Release with the following CVE item:</font><br /><br /><strong><font size="4">High</font></strong><br />CVE-2024-45185<br /><br /><i>※ Please see Samsung Semiconductor <a href="https://semiconductor.samsung.com/support/quality-support/product-security-updates" style="color:blue" rel="nofollow">Product Security Update</a> for detailed information on Samsung Semiconductor patches.</i><br /><br /><br />Along with Google patches and Samsung Semiconductor patches, Samsung Mobile provides 13 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Nov-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.<br /><br /><br /><strong><font size="4">SVE-2024-0956(CVE-2024-34673): Improper input validation in IpcProtocol in Modem</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: April 18, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in IpcProtocol in Modem prior to SMR Nov-2024 Release 1 allows local attackers to cause Denial-of-Service.<br />The patch removes unnecessary implementation in IpcProtocol in Modem.<br /><br /><br /><strong><font size="4">SVE-2024-1214(CVE-2024-49402): Improper input validation in Dressroom</font></strong><br /><br />Severity: High<br />Affected versions: Android 14<br />Reported on: May 29, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in Dressroom prior to SMR Nov-2024 Release 1 allow physical attackers to access data across multiple user profiles.<br />The patch adds proper validation.<br /><br /><br /><strong><font size="4">SVE-2024-1222(CVE-2024-34674): Improper access control in Contacts</font></strong><br /><br />Severity: High<br />Affected versions: Android 12, 13, 14<br />Reported on: May 30, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-1240(CVE-2024-34675): Improper access control in Dex Mode.</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: June 3, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen.<br />The patch adds proper status check.<br /><br /><br /><strong><font size="4">SVE-2024-1481(CVE-2024-34676): Out-of-bounds write in libsubextractor.so</font></strong><br /><br />Severity: High<br />Affected versions: Android 12, 13, 14<br />Reported on: July 20, 2024<br />Disclosure status: Privately disclosed<br />Out-of-bounds write in parsing subtitle file in libsubextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. User interaction is required for triggering this vulnerability.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-1520(CVE-2024-34677): Exposure of sensitive information in System UI</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: July 29, 2024<br />Disclosure status: Privately disclosed<br />Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate.<br />The patch removes unnecessary implementation using sensitive information.<br /><br /><br /><strong><font size="4">SVE-2024-1524(CVE-2024-34678): Out-of-bounds write in libsapeextractor.so</font></strong><br /><br />Severity: High<br />Affected versions: Android 12, 13, 14<br />Reported on: July 31, 2024<br />Disclosure status: Privately disclosed<br />Out-of-bounds write in libsapeextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-1643(CVE-2024-34679): Incorrect default permissions in Crane</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: August 19, 2024<br />Disclosure status: Privately disclosed<br />Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-1651(CVE-2024-34680): Use of implicit intent for sensitive communication in WlanTest</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: August 21, 2024<br />Disclosure status: Privately disclosed<br />Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-1666(CVE-2024-34681): Improper input validation in BluetoothAdapter</font></strong><br /><br />Severity: High<br />Affected versions: Android Watch 13, 14<br />Reported on: August 25, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in BluetoothAdapter prior to SMR Nov-2024 Release 1 allows local attackers to cause local permanent denial of service on Galaxy Watch.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-1697(CVE-2024-34682): Improper authorization in Settings</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: August 30, 2024<br />Disclosure status: Privately disclosed<br />Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode.<br />The patch adds proper authorization.<br /><br /><br /><strong><font size="4">SVE-2024-1699(CVE-2024-49401): Improper input validation in Settings Suggestions</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 13, 14<br />Reported on: August 30, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities.<br />The patch add proper input validation.<br /><br /><br /><em>Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.</em></font><div id="__endic_crx__"><div class="css-diqpy0"></div></div><div id="__endic_crx__"><div class="css-diqpy0"></div></div><div id="__endic_crx__"><div class="css-diqpy0"></div></div><div id="__endic_crx__"><div class="css-diqpy0"></div></div> <br /><br /> <strong><font size="4">Acknowledgements</font></strong><br /> <pre style='font-family: "SamsungOne", Arial, sans-serif;margin-left:-10px'><font size="3">Wenqiang Li: SVE-2024-0956 ycmint working at ADLab of VenusTech: SVE-2024-1214, SVE-2024-1222 Elias Schröder: SVE-2024-1240 Dawuge: SVE-2024-1481, SVE-2024-1524, SVE-2024-1651, SVE-2024-1699 Dzmitry Lukyanenka: SVE-2024-1520 Chen Jiang of vivo kM1rr0rs secLab: SVE-2024-1643 skyh1ll: SVE-2024-1666</font></pre> </div> </div> <div id='1'></div> <div class="wrap_acc"> <div class="acc_title" id="October" data-a="1" data-b="October"><a href="javascript:;" title="Detail view open">SMR-OCT-2024</a></div> <div class="acc_sub"> <font size="3">Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.<br /><br /><br /><font size="4">Google patches include patches up to Android Security Bulletin – October 2024 package. The Bulletin (October 2024) contains the following CVE items:</font><br /><br /><strong><font size="4">Critical</font></strong><br />CVE-2024-33042, CVE-2024-33052<br /><br /><strong><font size="4">High</font></strong><br />CVE-2024-3655, CVE-2024-31336, CVE-2024-23716, CVE-2024-36972, CVE-2024-23365, CVE-2024-23362, CVE-2024-33016, CVE-2024-33045, CVE-2024-33054, CVE-2024-33038, CVE-2024-33035, CVE-2024-33034, CVE-2024-33060, CVE-2024-23358, CVE-2024-23359, CVE-2024-23364, CVE-2024-33051, CVE-2024-33057, CVE-2024-33050, CVE-2024-33048, CVE-2024-33043, CVE-2024-0044, CVE-2024-40676, CVE-2024-40675, CVE-2024-40673, CVE-2024-40672, CVE-2024-40677, CVE-2024-40674, CVE-2024-43047<br /><br /><strong><font size="4">Moderate</font></strong><br />None<br /><br /><strong><font size="4">Already included in previous updates</font></strong><br />None<br /><br /><strong><font size="4">Not applicable to Samsung devices</font></strong><br />CVE-2024-39432, CVE-2024-39431, CVE-2024-20017<br /><br /><br /><i>※ Please see Android Security Bulletin for detailed information on Google patches.</i><br /><br /><br /><font size="4">Samsung Semiconductor patches are also included in this Security Maintenance Release with the following CVE item:</font><br /><br /><strong><font size="4">High</font></strong><br />CVE-2024-44068, CVE-2024-45184<br /><br /><i>※ Please see Samsung Semiconductor <a href="https://semiconductor.samsung.com/support/quality-support/product-security-updates" style="color:blue" rel="nofollow">Product Security Update</a> for detailed information on Samsung Semiconductor patches.</i><br /><br /><br />Along with Google patches and Samsung Semiconductor patches, Samsung Mobile provides 12 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Oct-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.<br /><br /><br /><strong><font size="4">SVE-2024-0766(CVE-2024-34662): Improper access control in ActivityManager</font></strong><br /><br />Severity: Moderate<br />Affected versions: SMR Oct-2024 Release 1 in select Android 12, 13 and SMR Sep-2024 Release 1 in select Android 14<br />Reported on: March 28, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in ActivityManager prior to SMR Oct-2024 Release 1 in select Android 12, 13 and SMR Sep-2024 Release 1 in select Android 14 allows local attackers to execute privileged behaviors.<br />The patch adds proper access control logic.<br /><br /><br /><strong><font size="4">SVE-2024-1247(CVE-2024-34663): Integer overflow in libSEF.quram.so</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: June 3, 2024<br />Disclosure status: Privately disclosed<br />Integer overflow in libSEF.quram.so prior to SMR Oct-2024 Release 1 allows local attackers to write out-of-bounds memory.<br />The patch adds proper logic.<br /><br /><br /><strong><font size="4">SVE-2024-1387(CVE-2024-34664): Improper check for exception conditions in Knox Guard</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: July 5, 2024<br />Disclosure status: Privately disclosed<br />Improper check for exception conditions in Knox Guard prior to SMR Oct-2024 Release 1 allows physical attackers to bypass Knox Guard in a multi-user environment.<br />The patch adds proper check logic.<br /><br /><br /><strong><font size="4">SVE-2024-1490(CVE-2024-34665): Out-of-bounds write in librtppayload.so</font></strong><br /><br />Severity: Critical<br />Affected versions: Android 12, 13, 14<br />Reported on: July 21, 2024<br />Disclosure status: Privately disclosed<br />Out-of-bounds write in parsing h.264 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-1492(CVE-2024-34666): Out-of-bounds write in librtppayload.so</font></strong><br /><br />Severity: Critical<br />Affected versions: Android 12, 13, 14<br />Reported on: July 21, 2024<br />Disclosure status: Privately disclosed<br />Out-of-bounds write in parsing h.264 format in a specific mode in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-1494(CVE-2024-34667): Out-of-bounds write in librtppayload.so</font></strong><br /><br />Severity: Critical<br />Affected versions: Android 12, 13, 14<br />Reported on: July 21, 2024<br />Disclosure status: Privately disclosed<br />Out-of-bounds write in parsing h.265 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-1495(CVE-2024-34668): Out-of-bounds write in librtppayload.so</font></strong><br /><br />Severity: Critical<br />Affected versions: Android 12, 13, 14<br />Reported on: July 21, 2024<br />Disclosure status: Privately disclosed<br />Out-of-bounds write in parsing h.263 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-1496(CVE-2024-34669): Out-of-bounds write in librtppayload.so</font></strong><br /><br />Severity: Critical<br />Affected versions: Android 12, 13, 14<br />Reported on: July 21, 2024<br />Disclosure status: Privately disclosed<br />Out-of-bounds write in parsing h.263&#43; format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.<br />The patch adds proper input validation.<br /><br /><br /><em>Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.</em></font><div id="__endic_crx__"><div class="css-diqpy0"></div></div><div id="__endic_crx__"><div class="css-diqpy0"></div></div> <br /><br /> <strong><font size="4">Acknowledgements</font></strong><br /> <pre style='font-family: "SamsungOne", Arial, sans-serif;margin-left:-10px'><font size="3">Knifefish: SVE-2024-0766 PORKODI RAJESH: SVE-2024-1387 Yifei Xie: SVE-2024-1490, SVE-2024-1492, SVE-2024-1494, SVE-2024-1495, SVE-2024-1496</font></pre> </div> </div> <div id='2'></div> <div class="wrap_acc"> <div class="acc_title" id="September" data-a="2" data-b="September"><a href="javascript:;" title="Detail view open">SMR-SEP-2024</a></div> <div class="acc_sub"> <font size="3">Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.<br /><br /><br /><font size="4">Google patches include patches up to Android Security Bulletin – September 2024 package. The Bulletin (September 2024) contains the following CVE items:</font><br /><br /><strong><font size="4">Critical</font></strong><br />CVE-2024-23350<br /><br /><strong><font size="4">High</font></strong><br />CVE-2024-23355, CVE-2024-21481, CVE-2024-23356, CVE-2024-23357, CVE-2024-33027, CVE-2024-21478, CVE-2024-23383, CVE-2024-23384, CVE-2024-23382, CVE-2024-23381, CVE-2024-23352, CVE-2024-23353, CVE-2024-20082, CVE-2024-33013, CVE-2024-33025, CVE-2024-33015, CVE-2024-33024, CVE-2024-33010, CVE-2024-33020, CVE-2024-33018, CVE-2024-33019, CVE-2024-33026, CVE-2024-2937, CVE-2024-31333, CVE-2024-33011, CVE-2024-33012, CVE-2024-33014, CVE-2024-33023, CVE-2024-4607, CVE-2024-32896, CVE-2024-40658, CVE-2024-40662, CVE-2024-40650, CVE-2024-40652, CVE-2024-40654, CVE-2024-40655, CVE-2024-40657, CVE-2024-40656, CVE-2024-40659, CVE-2024-40665, CVE-2024-40664, CVE-2024-40663, CVE-2024-40666<br /><br /><strong><font size="4">Moderate</font></strong><br />None<br /><br /><strong><font size="4">Already included in previous updates</font></strong><br />CVE-2024-36971<br /><br /><strong><font size="4">Not applicable to Samsung devices</font></strong><br />CVE-2024-33028<br /><br /><br /><i>※ Please see Android Security Bulletin for detailed information on Google patches.</i><br /><br /><br />Along with Google patches, Samsung Mobile provides 23 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Sep-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.<br /><br /><br /><strong><font size="4">SVE-2023-1030(CVE-2024-34637): Improper access control in WindowManagerService</font></strong><br /><br />Severity: Moderate<br />Affected versions: SMR Sep-2024 Release 1 in Android 12 and SMR Jun-2024 Release 1 in Android 13, 14<br />Reported on: June 12, 2023<br />Disclosure status: Privately disclosed<br />Improper access control in WindowManagerService prior to SMR Sep-2024 Release 1 in Android 12, and SMR Jun-2024 Release 1 in Android 13 and Android 14 allows local attackers to bypass restrictions on starting services from the background.<br />The patch adds proper check logic.<br /><br /><br /><strong><font size="4">SVE-2023-1487(CVE-2024-34651): Improper authorization in My Files</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: August 10, 2023<br />Disclosure status: Privately disclosed<br />Improper authorization in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access restricted data in My Files.<br />The patch adds proper authorization verification logic.<br /><br /><br /><strong><font size="4">SVE-2024-0453(CVE-2024-34638): Improper handling of exceptional conditions in ThemeCenter</font></strong><br /><br />Severity: High<br />Affected versions: Android 12, 13<br />Reported on: February 23, 2024<br />Disclosure status: Privately disclosed<br />Improper handling of exceptional conditions in ThemeCenter prior to SMR Sep-2024 Release 1 allows local attackers to delete non-preloaded applications.<br />The patch adds proper validation.<br /><br /><br /><strong><font size="4">SVE-2024-0513(CVE-2024-34652): Incorrect authorization in kperfmon</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: March 3, 2024<br />Disclosure status: Privately disclosed<br />Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to access information related to performance including app usage.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-0785(CVE-2024-34640): Improper access control in BGProtectManager</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: April 1, 2024<br />Disclosure status: Privately disclosed<br />Improper access control vulnerability in BGProtectManager prior to SMR Sep-2024 Release 1 allows local attackers to bypass restriction of process expiration.<br />The patch adds proper check logic.<br /><br /><br /><strong><font size="4">SVE-2024-0852(CVE-2024-34653): Path Traversal in My Files</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: April 7, 2024<br />Disclosure status: Privately disclosed<br />Path Traversal in My Files prior to SMR Sep-2024 Release 1 allows physical attackers to access directories with My Files&#39; privilege.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-0918(CVE-2024-34654): Improper Export of android application component in My Files</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 13, 14<br />Reported on: April 14, 2024<br />Disclosure status: Privately disclosed<br />Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files&#39; privilege.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-0970(CVE-2024-34641): Improper Export of Android Application Components in FeliCaTest</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: April 20, 2024<br />Disclosure status: Privately disclosed<br />Improper Export of Android Application Components in FeliCaTest prior to SMR Sep-2024 Release 1 allows local attackers to enable NFC configuration.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-1009(CVE-2024-34642): Improper authorization in One UI Home</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: April 29, 2024<br />Disclosure status: Privately disclosed<br />Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access sensitive information.<br />The patch adds proper validation.<br /><br /><br /><strong><font size="4">SVE-2024-1154(CVE-2024-34643): Improper access control in Dressroom</font></strong><br /><br />Severity: Moderate<br />Affected versions: Selected Android 14 devices<br />Reported on: May 19, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-1155(CVE-2024-34644): Improper access control in Dressroom</font></strong><br /><br />Severity: Moderate<br />Affected versions: Selected Android 14 devices<br />Reported on: May 19, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in item selection related in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-1156(CVE-2024-34645): Improper input validation in ThemeCenter application</font></strong><br /><br />Severity: High<br />Affected versions: Android 12, 13<br />Reported on: May 19, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in ThemeCenter prior to SMR Sep-2024 Release 1 allows physical attackers to install privileged applications.<br />The patch adds proper input verification logic.<br /><br /><br /><strong><font size="4">SVE-2024-1187(CVE-2024-34646): Improper access control in DualDarManagerProxy</font></strong><br /><br />Severity: High<br />Affected versions: Android 12, 13, 14<br />Reported on: May 23, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to cause local permanent denial of service.<br />The patch adds proper caller verification logic.<br /><br /><br /><strong><font size="4">SVE-2024-1191(CVE-2024-34647): Incorrect use of privileged API in DualDarManagerProxy</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: May 23, 2024<br />Disclosure status: Privately disclosed<br />Incorrect use of privileged API in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to knox without proper license.<br />The patch adds proper caller verification logic.<br /><br /><br /><strong><font size="4">SVE-2024-1212(CVE-2024-34648): Improper Handling of Insufficient Permissions in KnoxMiscPolicy</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: May 28, 2024<br />Disclosure status: Privately disclosed<br />Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1 allows local attackers to access sensitive data.<br />The patch adds proper permission handling.<br /><br /><br /><strong><font size="4">SVE-2024-1226(CVE-2024-34655): Incorrect use of privileged API in UniversalCredentialManager</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: May 30, 2024<br />Disclosure status: Privately disclosed<br />Incorrect use of privileged API in UniversalCredentialManager prior to SMR Sep-2024 Release 1 allows local attackers to access privileged API related to UniversalCredentialManager.<br />The patch adds proper check logic.<br /><br /><br /><strong><font size="4">SVE-2024-1278(CVE-2024-34649): Improper access control in new Dex Mode in multitasking framework</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: June 8, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in new Dex Mode in multitasking framework prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access an unlocked screen.<br />The patch adds proper status check logic.<br /><br /><br /><strong><font size="4">SVE-2024-1381(CVE-2024-34650): Incorrect authorization in CocktailbarService</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: July 4, 2024<br />Disclosure status: Privately disclosed<br />Incorrect authorization in CocktailbarService prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to Edge panel.<br />The patch adds proper protection.<br /><br /><br /><em>Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.</em></font><div id="__endic_crx__"><div class="css-diqpy0"></div></div><div id="__endic_crx__"><div class="css-diqpy0"></div></div><div id="__endic_crx__"><div class="css-diqpy0"></div></div><div id="__endic_crx__"><div class="css-diqpy0"></div></div><div id="__endic_crx__"><div class="css-diqpy0"></div></div> <br /><br /> <strong><font size="4">Acknowledgements</font></strong><br /> <pre style='font-family: "SamsungOne", Arial, sans-serif;margin-left:-10px'><font size="3">hsia.angsh : SVE-2023-1030 OrangeCat: SVE-2023-1487 balance: SVE-2024-0453, SVE-2024-1187, SVE-2024-1191, SVE-2024-1212, SVE-2024-1226 Ryan Johnson of Quokka: SVE-2024-0513 Knifefish: SVE-2024-0785 hackhackdump: SVE-2024-0852, SVE-2024-1154, SVE-2024-1155, SVE-2024-1381 Dawuge: SVE-2024-0918 khilli: SVE-2024-0970 Elias Schröder: SVE-2024-1009, SVE-2024-1278 VIGNESH.K.G: SVE-2024-1156</font></pre> </div> </div> <div id='3'></div> <div class="wrap_acc"> <div class="acc_title" id="August" data-a="3" data-b="August"><a href="javascript:;" title="Detail view open">SMR-AUG-2024</a></div> <div class="acc_sub"> <font size="3">Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.<br /><br /><br /><font size="4">Google patches include patches up to Android Security Bulletin – August 2024 package. The Bulletin (August 2024) contains the following CVE items:</font><br /><br /><strong><font size="4">Critical</font></strong><br />CVE-2024-21461<br /><br /><strong><font size="4">High</font></strong><br />CVE-2024-4610, CVE-2024-0153, CVE-2024-21460, CVE-2024-21465, CVE-2024-21469, CVE-2024-21462, CVE-2024-34724, CVE-2024-34725, CVE-2024-34726, CVE-2024-23373, CVE-2024-23372, CVE-2024-23368, CVE-2024-23380, CVE-2024-26923, CVE-2024-31334, CVE-2024-31335, CVE-2024-20077, CVE-2023-20971, CVE-2023-21351, CVE-2024-34731, CVE-2024-34735, CVE-2024-34737, CVE-2024-34738, CVE-2024-34740, CVE-2024-34741, CVE-2024-34743, CVE-2024-34736, CVE-2024-34742, CVE-2024-34727, CVE-2024-34745, CVE-2024-34746, CVE-2024-36971, CVE-2024-32896<br /><br /><strong><font size="4">Moderate</font></strong><br />None<br /><br /><strong><font size="4">Already included in previous updates</font></strong><br />CVE-2024-20076<br /><br /><strong><font size="4">Not applicable to Samsung devices</font></strong><br />CVE-2024-34734, CVE-2024-34744<br /><br /><br /><i>※ Please see Android Security Bulletin for detailed information on Google patches.</i><br /><br /><br /><font size="4">Samsung Semiconductor patches are also included in this Security Maintenance Release with the following CVE item:</font><br /><br /><strong><font size="4">High</font></strong><br />CVE-2024-31960<br /><br /><i>※ Please see Samsung Semiconductor <a href="https://semiconductor.samsung.com/support/quality-support/product-security-updates" style="color:blue" rel="nofollow">Product Security Update</a> for detailed information on Samsung Semiconductor patches.</i><br /><br /><br />Along with Google and Samsung Semiconductor patches, Samsung Mobile provides 14 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Aug-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.<br /><br /><br /><strong><font size="4">SVE-2023-1910(CVE-2024-34609, CVE-2024-34608, CVE-2024-34607, CVE-2024-34606, CVE-2024-34605, CVE-2024-34604): Improper access control in several system services</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: October 17, 2023<br />Disclosure status: Privately disclosed<br />Improper access control in several system services prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-0861(CVE-2024-34610): Improper access control in ExtControlDeviceService</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: April 9, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in ExtControlDeviceService prior to SMR Aug-2024 Release 1 allows local attackers to access protected data.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-0868(CVE-2024-34611): Improper access control in KnoxService</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: April 10, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in KnoxService prior to SMR Aug-2024 Release 1 allows local attackers to get sensitive information.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-0883(CVE-2024-34612): Out-of-bound write in libcodec2secmp4vdec.so</font></strong><br /><br />Severity: High<br />Affected versions: Android 12, 13, 14<br />Reported on: April 12, 2024<br />Disclosure status: Privately disclosed<br />Out-of-bound write in libcodec2secmp4vdec.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-0990(CVE-2024-34613): Improper access control in Galaxy Watch</font></strong><br /><br />Severity: Moderate<br />Affected versions: Wear OS 4.0<br />Reported on: April 22, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in Galaxy Watch prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive information of Galaxy watch.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-1064(CVE-2024-34614): Out-of-bound write in libsmat.so</font></strong><br /><br />Severity: High<br />Affected versions: Android 12, 13, 14<br />Reported on: May 5, 2024<br />Disclosure status: Privately disclosed<br />Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-1105(CVE-2024-34615): Out-of-bound write in libsmat.so</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: May 10, 2024<br />Disclosure status: Privately disclosed<br />Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to cause memory corruption.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-1173(CVE-2024-34616): Improper handling of insufficient permission in KnoxDualDARPolicy</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: May 21, 2024<br />Disclosure status: Privately disclosed<br />Improper handling of insufficient permission in KnoxDualDARPolicy prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive data.<br />The patch adds proper permission.<br /><br /><br /><strong><font size="4">SVE-2024-1185(CVE-2024-34617): Improper handling of insufficient permission in Telephony</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: May 22, 2024<br />Disclosure status: Privately disclosed<br />Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows local attackers to configure default Message application.<br />The patch adds proper permission.<br /><br /><br /><strong><font size="4">SVE-2024-1200(CVE-2024-34618): Improper access control in System property</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: May 27, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in System property prior to SMR Aug-2024 Release 1 allows local attackers to access cell related information.<br />The patch removes unused code.<br /><br /><br /><strong><font size="4">SVE-2024-1235(CVE-2024-34619): Improper input validation in librtp.so</font></strong><br /><br />Severity: Critical<br />Affected versions: Android 12, 13, 14<br />Reported on: June 2, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in librtp.so prior to SMR Aug-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-0716(CVE-2024-34620): Improper privilege management in SumeNNService</font></strong><br /><br />Severity: High<br />Affected versions: Android 13, 14<br />Reported on: July 9, 2024<br />Disclosure status: Privately disclosed<br />Improper privilege management in SumeNNService prior to SMR Aug-2024 Release 1 allows local attackers to start privileged service.<br />The patch removes unused code.<br /><br /><br /><strong><font size="4">SVE-2024-0385(CVE-2024-34639): Improper handling of exceptional conditions in Setupwizard</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: February 16, 2024<br />Disclosure status: Privately disclosed<br />Improper handling of exceptional conditions in Setupwizard prior to SMR Aug-2024 Release 1 allows physical attackers to bypass proper validation.<br />The patch adds proper validation.<br /><br /><br /><em>Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.</em></font><div id="__endic_crx__"><div class="css-diqpy0"></div></div><div id="__endic_crx__"><div class="css-diqpy0"></div></div><div id="__endic_crx__"><div class="css-diqpy0"></div></div> <br /><br /> <strong><font size="4">Acknowledgements</font></strong><br /> <pre style='font-family: "SamsungOne", Arial, sans-serif;margin-left:-10px'><font size="3">balance: SVE-2023-1910, SVE-2024-1173, SVE-2024-1185, SVE-2024-0716 Heidi LiW: SVE-2024-0861, SVE-2024-0868 localh0ster: SVE-2024-0990 Dawuge: SVE-2024-0716, SVE-2024-1064, SVE-2024-1105 Ryan Johnson of Quokka: SVE-2024-1200 Yifei Xie: SVE-2024-1235 Patrik Gissleholm: SVE-2024-0385</font></pre> </div> </div> <div id='4'></div> <div class="wrap_acc"> <div class="acc_title" id="July" data-a="4" data-b="July"><a href="javascript:;" title="Detail view open">SMR-JUL-2024</a></div> <div class="acc_sub"> <font size="3">Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.<br /><br /><br /><font size="4">Google patches include patches up to Android Security Bulletin – July 2024 package. The Bulletin (July 2024) contains the following CVE items:</font><br /><br /><strong><font size="4">Critical</font></strong><br />CVE-2023-43556, CVE-2023-43538, CVE-2023-43551, CVE-2024-31320<br /><br /><strong><font size="4">High</font></strong><br />CVE-2024-0671, CVE-2024-1065, CVE-2024-23698, CVE-2024-23696, CVE-2024-23697, CVE-2024-23695, CVE-2024-23711, CVE-2024-26926, CVE-2024-20066, CVE-2024-20068, CVE-2024-20067, CVE-2023-43542, CVE-2024-23363, CVE-2024-31331, CVE-2024-34720, CVE-2024-34723, CVE-2024-31332, CVE-2024-31339, CVE-2024-34721, CVE-2024-31338<br /><br /><strong><font size="4">Moderate</font></strong><br />None<br /><br /><strong><font size="4">Already included in previous updates</font></strong><br />None<br /><br /><strong><font size="4">Not applicable to Samsung devices</font></strong><br />CVE-2024-20069, CVE-2024-20065<br /><br /><br /><i>※ Please see Android Security Bulletin for detailed information on Google patches.</i><br /><br /><br /><font size="4">Samsung Semiconductor patches are also included in this Security Maintenance Release with the following CVE item:</font><br /><br /><strong><font size="4">High</font></strong><br />CVE-2024-26922, CVE-2024-29153, CVE-2023-50805<br /><br /><i>※ Please see Samsung Semiconductor <a href="https://semiconductor.samsung.com/support/quality-support/product-security-updates" style="color:blue" rel="nofollow">Product Security Update</a> for detailed information on Samsung Semiconductor patches.</i><br /><br /><br />Along with Google and Samsung Semiconductor patches, Samsung Mobile provides 34 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Jul-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.<br /><br /><br /><strong><font size="4">SVE-2023-1279(CVE-2024-20888): Improper access control in OneUIHome</font></strong><br /><br />Severity: High<br />Affected versions: Android 12, 13, 14<br />Reported on: July 3, 2023<br />Disclosure status: Privately disclosed<br />Improper access control in OneUIHome prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability.<br />The patch adds proper check logic.<br /><br /><br /><strong><font size="4">SVE-2023-1514(CVE-2024-34583): Improper access control in system property</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: August 16, 2023<br />Disclosure status: Privately disclosed<br />Improper access control in system property prior to SMR Jul-2024 Release 1 allows local attackers to get device identifier.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-0067(CVE-2024-20890, CVE-2024-20889): Improper implementation in BLE</font></strong><br /><br />Severity: Moderate<br />Affected versions: Select Android 12, 13, 14 devices<br />Reported on: January 8, 2024<br />Disclosure status: Privately disclosed<br />Improper implementation in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to trigger abnormal behaviors.<br />The patch adds proper authentication.<br /><br /><br /><strong><font size="4">SVE-2024-0144(CVE-2024-20891): Improper access control in SystemUI</font></strong><br /><br />Severity: High<br />Affected versions: Android 14<br />Reported on: January 16, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in launchFullscreenIntent of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.<br />The patch adds proper access control logic.<br /><br /><br /><strong><font size="4">SVE-2024-0146(CVE-2024-34585): Improper access control in SystemUI</font></strong><br /><br />Severity: High<br />Affected versions: Android 14<br />Reported on: January 16, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in launchApp of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.<br />The patch adds proper access control logic.<br /><br /><br /><strong><font size="4">SVE-2024-0148(CVE-2024-34595): Improper access control in SystemUI</font></strong><br /><br />Severity: High<br />Affected versions: Android 14<br />Reported on: January 16, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in clickAdapterItem of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities.<br />The patch adds proper access control logic.<br /><br /><br /><strong><font size="4">SVE-2024-0194(CVE-2024-20892): Improper verification of signature in FilterProvider</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: January 22, 2024<br />Disclosure status: Privately disclosed<br />Improper verification of signature in FilterProvider prior to SMR Jul-2024 Release 1 allows local attackers to execute privileged behaviors. User interaction is required for triggering this vulnerability.<br />The patch restricts installing of improper filter library.<br /><br /><br /><strong><font size="4">SVE-2024-0440(CVE-2024-20893): Improper input validation in libmediaextractorservice.so</font></strong><br /><br />Severity: High<br />Affected versions: Android 13, 14<br />Reported on: February 22, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in libmediaextractorservice.so prior to SMR Jul-2024 Release 1 allows local attackers to trigger memory corruption.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-0490(CVE-2024-20894): Improper handling of exceptional conditions in Secure Folder</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: February 28, 2024<br />Disclosure status: Privately disclosed<br />Improper handling of exceptional conditions in Secure Folder prior to SMR Jul-2024 Release 1 allows physical attackers to bypass authentication under certain condition. User interaction is required for triggering this vulnerability.<br />The patch adds proper restriction for exceptional conditions.<br /><br /><br /><strong><font size="4">SVE-2024-0547(CVE-2024-20895): Improper access control in Dar service</font></strong><br /><br />Severity: High<br />Affected versions: Android 12, 13, 14<br />Reported on: March 7, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in Dar service prior to SMR Jul-2024 Release 1 allows local attackers to bypass restriction for calling SDP features.<br />The patch adds proper check logic.<br /><br /><br /><strong><font size="4">SVE-2024-0700(CVE-2024-20896): Use of implicit intent for sensitive communication in Configuration message</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: March 20, 2024<br />Disclosure status: Privately disclosed<br />Use of implicit intent for sensitive communication in Configuration message prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.<br />The patch fixes implicit intent to explicit intent.<br /><br /><br /><strong><font size="4">SVE-2024-0772(CVE-2024-20899, CVE-2024-20898, CVE-2024-20897): Use of implicit intent for sensitive communication in FCM function in IMS service.</font></strong><br /><br />Severity: Moderate<br />Affected versions: Selected Android 14 devices<br />Reported on: March 29, 2024<br />Disclosure status: Privately disclosed<br />Use of implicit intent for sensitive communication in FCM function in IMS service prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information.<br />The patch fixes implicit intent to explicit intent.<br /><br /><br /><strong><font size="4">SVE-2024-0788(CVE-2024-34586): Improper access control in KnoxCustomManagerService</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: April 1, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in KnoxCustomManagerService prior to SMR Jul-2024 Release 1 allows local attackers to configure Knox privacy policy.<br />The patch removes unused code.<br /><br /><br /><strong><font size="4">SVE-2024-0793(CVE-2024-34587): Improper input validation in librtp.so</font></strong><br /><br />Severity: Critical<br />Affected versions: Android 12, 13, 14<br />Reported on: April 1, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in parsing application information from RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-0794(CVE-2024-34588): Improper input validation in librtp.so</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: April 1, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in parsing RTCP SR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-0795(CVE-2024-34589): Improper input validation in librtp.so</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: April 1, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in parsing RTCP RR packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-0810(CVE-2024-34590): Improper input validation in librtp.so</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: April 2, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in parsing an item type from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.<br />The patch adds proper size check.<br /><br /><br /><strong><font size="4">SVE-2024-0811(CVE-2024-34591): Improper input validation in librtp.so</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: April 2, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in parsing an item data from RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-0812(CVE-2024-34592): Improper input validation in librtp.so</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: April 2, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in parsing RTCP SDES packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to trigger temporary denial of service. User interaction is required for triggering this vulnerability.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-0818(CVE-2024-34593): Improper input validation in librtp.so</font></strong><br /><br />Severity: Critical<br />Affected versions: Android 12, 13, 14<br />Reported on: April 3, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in parsing and distributing RTCP packet in librtp.so prior to SMR Jul-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-0829(CVE-2024-34602): Use of implicit intent for sensitive communication in Samsung Messages.</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: April 4, 2024<br />Disclosure status: Privately disclosed<br />Use of implicit intent for sensitive communication in Samsung Messages prior to SMR Jul-2024 Release 1 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.<br />The patch fixes implicit intent to explicit intent.<br /><br /><br /><strong><font size="4">SVE-2024-0830(CVE-2024-34603): Improper access control in Samsung Message</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 13, 14<br />Reported on: April 4, 2024<br />Disclosure status: Privately disclosed<br />Improper access control in Samsung Message prior to SMR Jul-2024 Release 1 allows local attackers to access location data.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-0834(CVE-2024-20900): Improper authentication in MTP application</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: April 5, 2024<br />Disclosure status: Privately disclosed<br />Improper authentication in MTP application prior to SMR Jul-2024 Release 1 allows local attackers to enter MTP mode without proper authentication.<br />The patch removes unused code to prevent user interaction bypass.<br /><br /><br /><strong><font size="4">SVE-2024-0851(CVE-2024-20901): Improper input validation in copying data to buffer cache in libsaped</font></strong><br /><br />Severity: High<br />Affected versions: Android 12, 13, 14<br />Reported on: April 7, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in copying data to buffer cache in libsaped prior to SMR Jul-2024 Release 1 allows local attackers to write out-of-bounds memory.<br />The patch adds proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-0882(CVE-2024-34594): Exposure of sensitive information in proc file system</font></strong><br /><br />Severity: Moderate<br />Affected versions: Selected Android 12, 13, 14 Qualcomm devices<br />Reported on: April 11, 2024<br />Disclosure status: Privately disclosed<br />Exposure of sensitive information in proc file system prior to SMR Jul-2024 Release 1 allows local attackers to read kernel memory address.<br />The patch removes unnecessary proc_entry in proc file system.<br /><br /><br /><em>Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.</em></font><div id="__endic_crx__"><div class="css-diqpy0"></div></div><div id="__endic_crx__"><div class="css-diqpy0"></div></div><div id="__endic_crx__"><div class="css-diqpy0"></div></div> <br /><br /> <strong><font size="4">Acknowledgements</font></strong><br /> <pre style='font-family: "SamsungOne", Arial, sans-serif;margin-left:-10px'><font size="3">神经蛙: SVE-2023-1279 balance: SVE-2023-1514, SVE-2024-0547, SVE-2024-0788 Syed MD Mukit Rashid, Tianwei Wu, Abdullah Al Ishtiaq, Kai Tu, Yilu Dong, Ridwanul Hasan Tanvir, Syed Rafiul Hussain from SyNSec Lab at Penn State, and Omar Haider Chowdhury from Stony Brook University: SVE-2024-0067 开元米粉实力代购: SVE-2024-0144, SVE-2024-0146, SVE-2024-0148 Dzmitry Lukyanenka: SVE-2024-0194 Krishan Kumar: SVE-2024-0490 jch: SVE-2024-0700 khilli: SVE-2024-0772, SVE-2024-0829, SVE-2024-0830 hackpotato: SVE-2024-0810, SVE-2024-0811, SVE-2024-0812, SVE-2024-0818 Florian Draschbacher, Institute for Applied Information Processing and Communications (IAIK): SVE-2024-0834 Billy Jheng Bing Jhong & Pan ZhenPeng(@Peterpan0927) of STAR Labs SG Pte. Ltd.: SVE-2024-0882</font></pre> </div> </div> <div id='5'></div> <div class="wrap_acc"> <div class="acc_title" id="June" data-a="5" data-b="June"><a href="javascript:;" title="Detail view open">SMR-JUN-2024</a></div> <div class="acc_sub"> <font size="3">Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.<br /><br /><br /><font size="4">Google patches include patches up to Android Security Bulletin – June 2024 package. The Bulletin (June 2024) contains the following CVE items:</font><br /><br /><strong><font size="4">Critical</font></strong><br />None<br /><br /><strong><font size="4">High</font></strong><br />CVE-2023-6363, CVE-2024-1067, CVE-2024-1395, CVE-2023-4622, CVE-2023-32871, CVE-2023-32873, CVE-2024-20057, CVE-2024-20056, CVE-2023-43530, CVE-2024-21471, CVE-2024-23351, CVE-2024-23354, CVE-2023-43529, CVE-2024-21475, CVE-2024-21477, CVE-2023-21266, CVE-2024-31310, CVE-2024-31316, CVE-2024-31317, CVE-2024-31318, CVE-2024-31319, CVE-2024-31322, CVE-2024-31324, CVE-2024-31325, CVE-2024-31326, CVE-2024-31312, CVE-2024-31314, CVE-2023-21113, CVE-2023-21114, CVE-2024-31311, CVE-2024-31313, CVE-2024-31315, CVE-2024-31323, CVE-2024-31327, CVE-2024-31328, CVE-2024-31329<br /><br /><strong><font size="4">Moderate</font></strong><br />None<br /><br /><strong><font size="4">Already included in previous updates</font></strong><br />CVE-2023-33119<br /><br /><strong><font size="4">Not applicable to Samsung devices</font></strong><br />CVE-2024-21480, CVE-2023-43531<br /><br /><i>※ Please see Android Security Bulletin for detailed information on Google patches.</i><br /><br /><br /><font size="4">Samsung Semiconductor patch is also included in this Security Maintenance Release with the following CVE item:</font><br /><br /><strong><font size="4">High</font></strong><br />CVE-2024-31956, CVE-2024-31959, CVE-2024-32502, CVE-2024-32504<br /><br /><i>※ Please see Samsung Semiconductor <a href="https://semiconductor.samsung.com/support/quality-support/product-security-updates" style="color:blue" rel="nofollow">Product Security Update</a> for detailed information on Samsung Semiconductor patches.</i><br /><br /><br />Along with Google patches, Samsung Mobile provides 22 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Jun-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.<br /><br /><br /><strong><font size="4">SVE-2023-2165(CVE-2024-20873): Improper input validation vulnerability in caminfo driver</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14 devices with Exynos s5e8825 chipset<br />Reported on: November 28, 2023<br />Disclosure status: Privately disclosed<br />Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.<br />The patch adds proper boundary check logic to prevent arbitrary write.<br /><br /><br /><strong><font size="4">SVE-2023-2325(CVE-2024-20874): Improper access control vulnerability in SmartManagerCN</font></strong><br /><br />Severity: High<br />Affected versions: Android 13, 14<br />Reported on: December 18, 2023<br />Disclosure status: Privately disclosed<br />Improper access control vulnerability in SmartManagerCN prior to SMR Jun-2024 Release 1 allows local attackers to launch privileged activities.<br />The patch adds the proper validation of incoming intent.<br /><br /><br /><strong><font size="4">SVE-2024-0035(CVE-2024-20885): Improper component protection vulnerability in Samsung Dialer</font></strong><br /><br />Severity: Moderate<br />Affected versions: Selected Android 14 devices<br />Reported on: January 4, 2024<br />Disclosure status: Privately disclosed<br />Improper component protection vulnerability in Samsung Dialer prior to SMR Jun-2024 Release 1 allows local attackers to make a call without proper permission.<br />The patch adds proper permission check logic to prevent improper access.<br /><br /><br /><strong><font size="4">SVE-2024-0047(CVE-2024-20875): Improper caller verification vulnerability in SemClipboard</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: January 6, 2024<br />Disclosure status: Privately disclosed<br />Improper caller verification vulnerability in SemClipboard prior to SMR Jun-2024 Release 1 allows local attackers to access arbitrary files.<br />The patch adds proper caller verification logic to prevent improper access to protected data.<br /><br /><br /><strong><font size="4">SVE-2024-0209(CVE-2024-20876): Improper input validation in libsheifdecadapter.so</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: January 24, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to lead to memory corruption.<br />The patch adds proper boundary check logic.<br /><br /><br /><strong><font size="4">SVE-2024-0225(CVE-2024-20877): Heap out-of-bound write vulnerability in parsing grid image header in libsavscmn.so</font></strong><br /><br />Severity: High<br />Affected versions: Android 12, 13, 14<br />Reported on: January 25, 2024<br />Disclosure status: Privately disclosed<br />Heap out-of-bound write vulnerability in parsing grid image header in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to execute arbitrary code.<br />The patch fixes implementation of parsing grid image header.<br /><br /><br /><strong><font size="4">SVE-2024-0238(CVE-2024-20878): Heap out-of-bound write vulnerability in parsing grid image in libsavscmn.so</font></strong><br /><br />Severity: High<br />Affected versions: Android 12, 13, 14<br />Reported on: January 26, 2024<br />Disclosure status: Privately disclosed<br />Heap out-of-bound write vulnerability in parsing grid image in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to execute arbitrary code.<br />The patch adds proper size check.<br /><br /><br /><strong><font size="4">SVE-2024-0272(CVE-2024-20879): Improper input validation vulnerability in libsavscmn.so</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: February 2, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation vulnerability in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to write out-of-bounds memory.<br />The patch adds proper size check.<br /><br /><br /><strong><font size="4">SVE-2024-0341(CVE-2024-20880): Stack-based buffer overflow vulnerability in bootloader</font></strong><br /><br />Severity: High<br />Affected versions: Selected Android 12, 13, 14 Qualcomm devices<br />Reported on: February 11, 2024<br />Disclosure status: Privately disclosed<br />Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite memory.<br />The patch adds restriction logic to the vulnerable function to prevent arbitrary access.<br /><br /><br /><strong><font size="4">SVE-2024-0434(CVE-2024-20881): Improper input validation vulnerability in chnactiv TA</font></strong><br /><br />Severity: Critical<br />Affected versions: Selected Android 12, 13 devices<br />Reported on: February 21, 2024<br />Disclosure status: Privately disclosed<br />Improper input validation vulnerability in chnactiv TA prior to SMR Jun-2024 Release 1 allows local privileged attackers lead to potential arbitrary code execution.<br />The patch add proper input validation.<br /><br /><br /><strong><font size="4">SVE-2024-0462(CVE-2024-20882): Out-of-bounds read vulnerability in bootloader</font></strong><br /><br />Severity: Moderate<br />Affected versions: Selected Android 12, 13, 14 Qualcomm devices<br />Reported on: February 25, 2024<br />Disclosure status: Privately disclosed<br />Out-of-bounds read vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to arbitrary data access.<br />The patch adds proper type value to prevent out of bounds read.<br /><br /><br /><strong><font size="4">SVE-2024-0538(CVE-2024-20883): Incorrect use of privileged API vulnerability in BatteryStatsService</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: March 6, 2024<br />Disclosure status: Privately disclosed<br />Incorrect use of privileged API vulnerability in registerBatteryStatsCallback in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API.<br />The patch adds proper permission to prevent unauthorized access.<br /><br /><br /><strong><font size="4">SVE-2024-0539(CVE-2024-20884): Incorrect use of privileged API vulnerability in BatteryStatsService</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: March 6, 2024<br />Disclosure status: Privately disclosed<br />Incorrect use of privileged API vulnerability in getSemBatteryUsageStats in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API.<br />The patch adds proper permission to prevent unauthorized access.<br /><br /><br /><em>Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.</em></font> <br /><br /> <strong><font size="4">Acknowledgements</font></strong><br /> <pre style='font-family: "SamsungOne", Arial, sans-serif;margin-left:-10px'><font size="3">Chao Ma of Baidu Security: SVE-2023-2165 YunPeng Cai of vivo kM1rr0rs secLab: SVE-2023-2325 Dzmitry Lukyanenka: SVE-2024-0035, SVE-2024-0047 skyh1ll: SVE-2024-0209 Taeyang Lee (@5unkn0wn) from Theori: SVE-2024-0341, SVE-2024-0462 Marcel Busch (@0ddc0de) and Philipp Mao: SVE-2024-0434 balance: SVE-2024-0538, SVE-2024-0539</font></pre> </div> </div> <div id='6'></div> <div class="wrap_acc"> <div class="acc_title" id="May" data-a="6" data-b="May"><a href="javascript:;" title="Detail view open">SMR-MAY-2024</a></div> <div class="acc_sub"> <font size="3">Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.<br /><br /><br /><font size="4">Google patches include patches up to Android Security Bulletin – May 2024 package. The Bulletin (May 2024) contains the following CVE items:</font><br /><br /><strong><font size="4">Critical</font></strong><br />CVE-2023-28582, CVE-2024-23706, CVE-2024-23700<br /><br /><strong><font size="4">High</font></strong><br />CVE-2024-0042, CVE-2024-20039, CVE-2024-20040, CVE-2024-21463, CVE-2023-33115, CVE-2023-33096, CVE-2023-33103, CVE-2023-33084, CVE-2023-33095, CVE-2023-33104, CVE-2023-33086, CVE-2023-33101, CVE-2023-33100, CVE-2023-33099, CVE-2024-21468, CVE-2024-21472, CVE-2024-0024, CVE-2024-0025, CVE-2024-23705, CVE-2024-23708, CVE-2024-0043, CVE-2024-23707, CVE-2024-23709, CVE-2024-23703, CVE-2024-23701, CVE-2024-23702<br /><br /><strong><font size="4">Moderate</font></strong><br />CVE-2024-20021<br /><br /><strong><font size="4">Already included in previous updates</font></strong><br />CVE-2023-32890<br /><br /><strong><font size="4">Not applicable to Samsung devices</font></strong><br />CVE-2023-28547, CVE-2023-33023<br /><br /><br /><i>※ Please see Android Security Bulletin for detailed information on Google patches.</i><br /><br /><br />Along with Google patches, Samsung Mobile provides 25 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR May-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.<br /><br /><br /><strong><font size="4">SVE-2023-1778(CVE-2024-20866): Authentication bypass vulnerability in Setupwizard</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13<br />Reported on: October 9, 2023<br />Disclosure status: Privately disclosed<br />Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical attackers to skip activation step.<br />The patch removes unnecessary internet access in Setupwizard.<br /><br /><br /><strong><font size="4">SVE-2023-2193(CVE-2024-20855): Improper access control vulnerability in multitasking framework</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: December 1, 2023<br />Disclosure status: Privately disclosed<br />Improper access control vulnerability in multitasking framework prior to SMR May-2024 Release 1 allows physical attackers to access unlocked screen for a while.<br />The patch adds proper status check logic to prevent unauthorized access.<br /><br /><br /><strong><font size="4">SVE-2023-2265(CVE-2024-20856): Improper Authentication vulnerability in Secure Folder</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: December 11, 2023<br />Disclosure status: Privately disclosed<br />Improper Authentication vulnerability in Secure Folder prior to SMR May-2024 Release 1 allows physical attackers to access Secure Folder without proper authentication in a specific scenario.<br />The patch adds proper check logic.<br /><br /><br /><strong><font size="4">SVE-2024-0041(CVE-2024-20857): Improper access control vulnerability in CocktailBarService</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: January 5, 2024<br />Disclosure status: Privately disclosed<br />Improper access control vulnerability in startListening of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-0042(CVE-2024-20858): Improper access control vulnerability in CocktailBarService</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: January 5, 2024<br />Disclosure status: Privately disclosed<br />Improper access control vulnerability in setCocktailHostCallbacks of CocktailBarService prior to SMR May-2024 Release 1 allows local attackers to access information of current application.<br />The patch adds proper access control.<br /><br /><br /><strong><font size="4">SVE-2024-0070(CVE-2024-20859): Improper access control vulnerability in FactoryCamera</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: January 8, 2024<br />Disclosure status: Privately disclosed<br />Improper access control vulnerability in FactoryCamera prior to SMR May-2024 Release 1 allows local attackers to take pictures without privilege.<br />The patch blocks function from official binary.<br /><br /><br /><strong><font size="4">SVE-2024-0071(CVE-2024-20860): Improper export of android application components vulnerability in TelephonyUI</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: January 8, 2024<br />Disclosure status: Privately disclosed<br />Improper export of android application components vulnerability in TelephonyUI prior to SMR May-2024 Release 1 allows local attackers to reboot the device without proper permission.<br />The patch set a proper property on the component.<br /><br /><br /><strong><font size="4">SVE-2024-0092(CVE-2024-20861): Use after free vulnerability in SveService</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: January 11, 2024<br />Disclosure status: Privately disclosed<br />Use after free vulnerability in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to cause memory corruption.<br />The patch adds proper check logic to prevent use after free.<br /><br /><br /><strong><font size="4">SVE-2024-0096(CVE-2024-20862): Out-of-bounds write in SveService</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 11, 12, 13, 14<br />Reported on: January 11, 2024<br />Disclosure status: Privately disclosed<br />Out-of-bounds write in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code.<br />The patch adds proper boundary check.<br /><br /><br /><strong><font size="4">SVE-2024-0185(CVE-2024-20863): Improper input validation vulnerability in SNAP in HAL</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: January 20, 2024<br />Disclosure status: Privately disclosed<br />Out of bounds write vulnerability in SNAP in HAL prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code.<br />The patch adds proper boundary check.<br /><br /><br /><strong><font size="4">SVE-2024-0234(CVE-2024-20865): Authentication bypass in bootloader</font></strong><br /><br />Severity: High<br />Affected versions: Select Android 12, 13, 14 devices with MediaTek chipsets<br />Reported on: January 26, 2024<br />Disclosure status: Privately disclosed<br />Authentication bypass in bootloader prior to SMR May-2024 Release 1 allows physical attackers to flash arbitrary images.<br />The patch adds proper check logic.<br /><br /><br /><strong><font size="4">SVE-2024-0357(CVE-2024-20864): Improper access control vulnerability in DarManagerService</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 14<br />Reported on: February 13, 2024<br />Disclosure status: Privately disclosed<br />Improper access control vulnerability in DarManagerService prior to SMR May-2024 Release 1 allows local attackers to monitor system resources.<br />The patch adds proper access control.<br /><br /><br /><em>Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.</em></font> <br /><br /> <strong><font size="4">Acknowledgements</font></strong><br /> <pre style='font-family: "SamsungOne", Arial, sans-serif;margin-left:-10px'><font size="3">Zhang Qing, Wang Kailong: SVE-2023-1778 Elias Schröder: SVE-2023-2193 Vijay Vignesh Baskaran: SVE-2023-2265 balance: SVE-2024-0041, SVE-2024-0042 Dzmitry Lukyanenka: SVE-2024-0070, SVE-2024-0071 Dohyun Lee (@l33d0hyun): SVE-2024-0092, SVE-2024-0096 Maxime Rossi Bellom at Quarkslab: SVE-2024-0234</font></pre> </div> </div> <div id='7'></div> <div class="wrap_acc"> <div class="acc_title" id="April" data-a="7" data-b="April"><a href="javascript:;" title="Detail view open">SMR-APR-2024</a></div> <div class="acc_sub"> <font size="3">Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.<br /><br /><br /><font size="4">Google patches include patches up to Android Security Bulletin – April 2024 package. The Bulletin (April 2024) contains the following CVE items:</font><br /><br /><strong><font size="4">Critical</font></strong><br />CVE-2023-28578<br /><br /><strong><font size="4">High</font></strong><br />CVE-2023-6143, CVE-2023-6241, CVE-2024-20020, CVE-2024-20005, CVE-2024-20026, CVE-2024-20028, CVE-2024-20025, CVE-2024-20027, CVE-2024-20023, CVE-2024-20024, CVE-2023-33066, CVE-2023-43550, CVE-2023-33042, CVE-2023-43548, CVE-2023-43539, CVE-2023-43549, CVE-2023-43552, CVE-2023-43553, CVE-2024-23710, CVE-2024-23713, CVE-2024-0022, CVE-2024-23712, CVE-2024-23704, CVE-2023-21267, CVE-2024-0026, CVE-2024-0027<br /><br /><strong><font size="4">Moderate</font></strong><br />None<br /><br /><strong><font size="4">Already included in previous updates</font></strong><br />CVE-2024-20022<br /><br /><strong><font size="4">Not applicable to Samsung devices</font></strong><br />CVE-2023-48424, CVE-2023-48425, CVE-2023-43546, CVE-2023-43547, CVE-2023-33105<br /><br /><br /><i>※ Please see Android Security Bulletin for detailed information on Google patches.</i><br /><br /><br />Along with Google patches, Samsung Mobile provides 17 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Apr-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.<br /><br /><br /><strong><font size="4">SVE-2023-2218(CVE-2024-20842): Improper Input Validation vulnerability in libsec-ril</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: December 4, 2023<br />Disclosure status: Privately disclosed<br />Improper Input Validation vulnerability in handling apdu of libsec-ril prior to SMR Apr-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.<br />The patch adds proper boundary check logic to prevent arbitrary write.<br /><br /><br /><strong><font size="4">SVE-2023-2224(CVE-2024-20843): Out-of-bounds write vulnerability in libIfaaCa</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: December 5, 2023<br />Disclosure status: Privately disclosed<br />Out-of-bounds write vulnerability in command parsing implementation of libIfaaCa prior to SMR Apr-2024 Release 1 allows local privileged attackers to execute arbitrary code.<br />The patch adds proper logic to prevent arbitrary code execution.<br /><br /><br /><strong><font size="4">SVE-2023-2269(CVE-2024-20844): Out-of-bounds write vulnerability in libsavsac.so</font></strong><br /><br />Severity: High<br />Affected versions: Android 12<br />Reported on: December 11, 2023<br />Disclosure status: Privately disclosed<br />Out-of-bounds write vulnerability while parsing remaining codewords in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.<br />The patch adds proper boundary check logic.<br /><br /><br /><strong><font size="4">SVE-2023-2270(CVE-2024-20845): Out-of-bounds write vulnerability in libsavsac.so</font></strong><br /><br />Severity: High<br />Affected versions: Android 12<br />Reported on: December 11, 2023<br />Disclosure status: Privately disclosed<br />Out-of-bounds write vulnerability while releasing memory in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.<br />The patch adds proper boundary check logic.<br /><br /><br /><strong><font size="4">SVE-2023-2271(CVE-2024-20846): Out-of-bounds write vulnerability in libsavsac.so</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12<br />Reported on: December 11, 2023<br />Disclosure status: Privately disclosed<br />Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.<br />The patch adds proper boundary check logic.<br /><br /><br /><strong><font size="4">SVE-2023-2367(CVE-2024-20848): Improper Input Validation vulnerability in libsdffextractor</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: December 22, 2023<br />Disclosure status: Privately disclosed<br />Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to write out-of-bounds memory.<br />The patch adds proper logic to prevent integer overflow.<br /><br /><br /><strong><font size="4">SVE-2023-2368(CVE-2024-20849): Out-of-bounds Write vulnerability in libsdffextractor</font></strong><br /><br />Severity: High<br />Affected versions: Android 12, 13, 14<br />Reported on: December 22, 2023<br />Disclosure status: Privately disclosed<br />Out-of-bounds Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to execute arbitrary code.<br />The patch adds proper logic to prevent arbitrary code execution.<br /><br /><br /><strong><font size="4">SVE-2023-2389(CVE-2024-20847): Improper Access Control vulnerability in StorageManagerService.</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13, 14<br />Reported on: December 28, 2023<br />Disclosure status: Privately disclosed<br />Improper Access Control vulnerability in StorageManagerService prior to SMR Apr-2024 Release 1 allows local attackers to read sdcard information.<br />The patch adds proper caller check logic to prevent improper access.<br /><br /><br /><em>Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.</em></font><div id="__endic_crx__"><div class="css-diqpy0"></div></div> <br /><br /> <strong><font size="4">Acknowledgements</font></strong><br /> <pre style='font-family: "SamsungOne", Arial, sans-serif;margin-left:-10px'><font size="3">Zinuo Han https://twitter.com/ele7enxxh of OPPO Amber Security Lab: SVE-2023-2218, SVE-2023-2224, SVE-2023-2269, SVE-2023-2270, SVE-2023-2271, SVE-2023-2367, SVE-2023-2368 balance: SVE-2023-2389</font></pre> </div> </div> <div id='8'></div> <div class="wrap_acc"> <div class="acc_title" id="March" data-a="8" data-b="March"><a href="javascript:;" title="Detail view open">SMR-MAR-2024</a></div> <div class="acc_sub"> <font size="3">Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.<br /><br /><br /><font size="4">Google patches include patches up to Android Security Bulletin – March 2024 package. The Bulletin (March 2024) contains the following CVE items:</font><br /><br /><strong><font size="4">Critical</font></strong><br />CVE-2024-0039, CVE-2024-23717<br /><br /><strong><font size="4">High</font></strong><br />CVE-2023-5091, CVE-2023-5249, CVE-2023-5643, CVE-2024-20011, CVE-2024-20007, CVE-2023-33046, CVE-2023-33072, CVE-2023-33060, CVE-2023-33076, CVE-2023-33058, CVE-2023-33049, CVE-2023-33057, CVE-2023-43523, CVE-2023-43522, CVE-2023-43536, CVE-2023-43533, CVE-2023-43513, CVE-2023-43516, CVE-2023-43534, CVE-2023-49668, CVE-2023-49667, CVE-2023-32842, CVE-2023-32841, CVE-2023-32843, CVE-2024-0046, CVE-2024-0048, CVE-2024-0049, CVE-2024-0050, CVE-2024-0051, CVE-2024-0053, CVE-2024-0047, CVE-2024-0045, CVE-2024-0052, CVE-2023-21135<br /><br /><strong><font size="4">Moderate</font></strong><br />None<br /><br /><strong><font size="4">Already included in previous updates</font></strong><br />CVE-2024-20010, CVE-2023-43520, CVE-2024-20003, CVE-2023-21234<br /><br /><strong><font size="4">Not applicable to Samsung devices</font></strong><br />CVE-2024-20009, CVE-2024-20006, CVE-2023-43518, CVE-2023-43519, CVE-2023-40081<br /><br /><br /><i>※ Please see Android Security Bulletin for detailed information on Google patches.</i><br /><br /><br />Along with Google patches, Samsung Mobile provides 9 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Mar-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.<br /><br /><br /><strong><font size="4">SVE-2023-1793(CVE-2024-20830): Incorrect default permission in AppLock</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 11, 12, 13, 14<br />Reported on: October 11, 2023<br />Disclosure status: Privately disclosed<br />Incorrect default permission in AppLock prior to SMR Mar-2024 Release 1 allows local attackers to configure AppLock settings.<br />The patch adds proper declaration of permission to prevent unauthorized configuration.<br /><br /><br /><strong><font size="4">SVE-2023-2078(CVE-2024-20831): Stack overflow in bootloader</font></strong><br /><br />Severity: Moderate<br />Affected versions: Selected Android 11, 12, 13, 14 MediaTek devices<br />Reported on: November 16, 2023<br />Disclosure status: Privately disclosed<br />Stack overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows a privileged attackers to execute arbitrary code.<br />The patch adds proper error handling logic.<br /><br /><br /><strong><font size="4">SVE-2023-2079(CVE-2024-20832): Heap overflow in bootloader</font></strong><br /><br />Severity: Moderate<br />Affected versions: Selected Android 11, 12, 13, 14 MediaTek devices<br />Reported on: November 16, 2023<br />Disclosure status: Privately disclosed<br />Heap overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows a privileged attacker to execute arbitrary code.<br />The patch adds proper size check logic.<br /><br /><br /><strong><font size="4">SVE-2023-2151(CVE-2024-20833): Use after free vulnerability in NETLINKFIPSCRYPTO</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 11, 12, 13, 14<br />Reported on: November 25, 2023<br />Disclosure status: Privately disclosed<br />Use after free vulnerability in pub_crypto_recv_msg prior to SMR Mar-2024 Release 1 due to race condition allows local attackers with system privilege to cause memory corruption.<br />The patch adds proper check logic to prevent use after free.<br /><br /><br /><strong><font size="4">SVE-2023-2170(CVE-2024-20834): The sensitive information exposure vulnerability in WlanTest</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 11, 12, 13, 14<br />Reported on: November 28, 2023<br />Disclosure status: Privately disclosed<br />The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission.<br />The patch adds proper permission to prevent sensitive information exposure.<br /><br /><br /><strong><font size="4">SVE-2023-2382(CVE-2024-20835): Improper access control vulnerability in CustomFrequencyManagerService</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 11, 12, 13, 14<br />Reported on: December 25, 2023<br />Disclosure status: Privately disclosed<br />Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024 Release 1 allows local attackers to execute privileged behaviors.<br />The patch removes deprecated functions to prevent improper access.<br /><br /><br /><strong><font size="4">SVE-2023-2385(CVE-2024-20836): Out of bounds Read vulnerability in libsubextractor.so</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 11, 12, 13, 14<br />Reported on: December 27, 2023<br />Disclosure status: Privately disclosed<br />Out of bounds Read vulnerability in ssmis_get_frm in libsubextractor.so prior to SMR Mar-2024 Release 1 allows local attackers to read out of bounds memory.<br />The patch adds proper check logic to prevent buffer overflow.<br /><br /><br /><em>Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.</em></font><div id="__endic_crx__"><div class="css-diqpy0"></div></div> <br /><br /> <strong><font size="4">Acknowledgements</font></strong><br /> <pre style='font-family: "SamsungOne", Arial, sans-serif;margin-left:-10px'><font size="3">balance: SVE-2023-1793, SVE-2023-2382 Maxime Rossi Bellom and Damiano Melotti from Quarkslab: SVE-2023-2078, SVE-2023-2079 Chao Ma of Baidu Security: SVE-2023-2151 Dawuge: SVE-2023-2170 Zinuo Han https://twitter.com/ele7enxxh of OPPO Amber Security Lab: SVE-2023-2385</font></pre> </div> </div> <div id='9'></div> <div class="wrap_acc"> <div class="acc_title" id="February" data-a="9" data-b="February"><a href="javascript:;" title="Detail view open">SMR-FEB-2024</a></div> <div class="acc_sub"> <font size="3">Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.<br /><br /><br /><font size="4">Google patches include patches up to Android Security Bulletin – February 2024 package. The Bulletin (February 2024) contains the following CVE items:</font><br /><br /><strong><font size="4">Critical</font></strong><br />CVE-2023-21651, CVE-2023-33025, CVE-2024-0031<br /><br /><strong><font size="4">High</font></strong><br />CVE-2023-33042, CVE-2023-33043, CVE-2023-33044, CVE-2023-4295, CVE-2023-5427, CVE-2023-21165, CVE-2023-32872, CVE-2023-33033, CVE-2023-33037, CVE-2023-33030, CVE-2023-33032, CVE-2023-33014, CVE-2023-33040, CVE-2023-28567, CVE-2023-28565, CVE-2023-28564, CVE-2023-28548, CVE-2023-28544, CVE-2023-28558, CVE-2023-28559, CVE-2022-33275, CVE-2023-28560, CVE-2023-28557, CVE-2023-33112, CVE-2023-43511, CVE-2023-33062, CVE-2023-33109, CVE-2023-33117, CVE-2023-33110, CVE-2023-33120, CVE-2023-33094, CVE-2023-33114, CVE-2023-33113, CVE-2023-43514, CVE-2023-48352, CVE-2023-48351, CVE-2023-48349, CVE-2023-48350, CVE-2023-48348, CVE-2023-48344, CVE-2023-48342, CVE-2023-48341, CVE-2023-48343, CVE-2023-48340, CVE-2024-0029, CVE-2024-0032, CVE-2024-0034, CVE-2024-0036, CVE-2024-0038, CVE-2024-0041, CVE-2023-40122, CVE-2024-0040, CVE-2024-0014, CVE-2024-0033, CVE-2024-0035, CVE-2023-40093, CVE-2024-0030<br /><br /><strong><font size="4">Moderate</font></strong><br />None<br /><br /><strong><font size="4">Already included in previous updates</font></strong><br />CVE-2023-33036, CVE-2023-33108<br /><br /><strong><font size="4">Not applicable to Samsung devices</font></strong><br />CVE-2023-32874, CVE-2023-33085<br /><br /><br /><i>※ Please see Android Security Bulletin for detailed information on Google patches.</i><br /><br /><br />Along with Google patches, Samsung Mobile provides 8 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Feb-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.<br /><br /><br /><strong><font size="4">SVE-2023-1449(CVE-2024-20810): Implicit intent hijacking vulnerability in Smart Suggestions</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 12, 13<br />Reported on: August 5, 2023<br />Disclosure status: Privately disclosed<br />Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows attackers to get sensitive information.<br />The patch change the implicit intent to explicit intent.<br /><br /><br /><strong><font size="4">SVE-2023-1548(CVE-2024-20811): Improper caller verification in GosSystemService</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 11, 12, 13, 14<br />Reported on: August 20, 2023<br />Disclosure status: Privately disclosed<br />Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer.<br />The patch adds proper verification to prevent unauthorized configuration.<br /><br /><br /><strong><font size="4">SVE-2023-1609(CVE-2024-20812): Out-of-bounds Write in padmd_vld_htbl of libpadm.so</font></strong><br /><br />Severity: High<br />Affected versions: Android 11, 12, 13, 14<br />Reported on: September 3, 2023<br />Disclosure status: Privately disclosed<br />Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.<br />The patch adds buffer size check logic.<br /><br /><br /><strong><font size="4">SVE-2023-1610(CVE-2024-20813): Out-of-bounds Write in padmd_vld_qtbl of libpadm.so</font></strong><br /><br />Severity: High<br />Affected versions: Android 11, 12, 13, 14<br />Reported on: September 3, 2023<br />Disclosure status: Privately disclosed<br />Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.<br />The patch adds buffer size check logic.<br /><br /><br /><strong><font size="4">SVE-2023-1674(CVE-2024-20814): Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 11, 12, 13, 14<br />Reported on: September 17, 2023<br />Disclosure status: Privately disclosed<br />Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows attacker access unauthorized information.<br />The patch adds length check logic.<br /><br /><br /><strong><font size="4">SVE-2023-1685(CVE-2024-20816, CVE-2024-20815): Improper authentication vulnerability in Auto Hotspot</font></strong><br /><br />Severity: High<br />Affected versions: Android 11, 12, 13, 14<br />Reported on: September 18, 2023<br />Disclosure status: Privately disclosed<br />Improper authentication vulnerability in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim&#39;s mobile hotspot without user awareness.<br />The patch adds the proper conditions for using Auto Hotspot.<br /><br /><br /><strong><font size="4">SVE-2023-1754(CVE-2024-20819, CVE-2024-20818, CVE-2024-20817): Out-of-bounds write vulnerabilities in libsthmbc.so</font></strong><br /><br />Severity: High<br />Affected versions: Android 11, 12, 13, 14<br />Reported on: October 3, 2023<br />Disclosure status: Privately disclosed<br />Out-of-bounds write vulnerabilities in libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.<br />The patches add proper check logic to prevent buffer overflow.<br /><br /><br /><strong><font size="4">SVE-2023-2215(CVE-2024-20820): Out-of-bounds read vulnerability in bootloader</font></strong><br /><br />Severity: Moderate<br />Affected versions: Selected Android 11, 12, 13 MediaTek devices<br />Reported on: November 28, 2023<br />Disclosure status: Privately disclosed<br />Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows attacker to cause an Out-Of-Bounds read.<br />The patch adds proper validation check logic to prevent Out-Of-Bounds read.<br /><br /><br /><em>Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.</em></font><div id="__endic_crx__"><div class="css-diqpy0"></div></div><div id="__endic_crx__"><div class="css-diqpy0"></div></div><div id="__endic_crx__"><div class="css-diqpy0"></div></div> <br /><br /> <strong><font size="4">Acknowledgements</font></strong><br /> <pre style='font-family: "SamsungOne", Arial, sans-serif;margin-left:-10px'><font size="3">OrangeCat: SVE-2023-1449 Tron: SVE-2023-1548 Dawuge: SVE-2023-1609, SVE-2023-1610, SVE-2023-1674, SVE-2023-1754 Erik Lucas Smit: SVE-2023-1685 Maxime Rossi Bellom, Damiano Melotti and Raphaël Neveu from Quarkslab: SVE-2023-2215</font></pre> </div> </div> <div id='10'></div> <div class="wrap_acc"> <div class="acc_title" id="January" data-a="10" data-b="January"><a href="javascript:;" title="Detail view open">SMR-JAN-2024</a></div> <div class="acc_sub"> <font size="3">Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.<br /><br /><br /><font size="4">Google patches include patches up to Android Security Bulletin – January 2024 package. The Bulletin (January 2024) contains the following CVE items:</font><br /><br /><strong><font size="4">Critical</font></strong><br />CVE-2022-40507<br /><br /><strong><font size="4">High</font></strong><br />CVE-2023-4272, CVE-2023-32804, CVE-2023-3889, CVE-2023-21215, CVE-2023-21227, CVE-2023-21228, CVE-2023-21216, CVE-2023-21218, CVE-2023-21166, CVE-2023-21164, CVE-2023-21163, CVE-2023-21162, CVE-2023-21217, CVE-2023-21401, CVE-2023-21402, CVE-2023-21263, CVE-2023-35690, CVE-2023-21403, CVE-2023-32847, CVE-2023-32848, CVE-2023-32851, CVE-2022-22076, CVE-2023-21652, CVE-2023-21664, CVE-2023-21662, CVE-2023-33017, CVE-2023-28546, CVE-2023-28585, CVE-2023-28586, CVE-2023-33022, CVE-2023-33054, CVE-2023-28550, CVE-2023-28551, CVE-2023-33018, CVE-2023-33081, CVE-2023-33089, CVE-2023-33098, CVE-2023-33088, CVE-2023-33080, CVE-2023-33097, CVE-2023-33079, CVE-2023-33092, CVE-2023-33107, CVE-2023-33106, CVE-2023-33063, CVE-2023-33053, CVE-2023-33087, CVE-2023-45779, CVE-2022-48457, CVE-2022-48458, CVE-2022-48459, CVE-2022-48454, CVE-2022-48455, CVE-2022-48461, CVE-2022-48456, CVE-2023-32818, CVE-2023-21245, CVE-2024-0015, CVE-2024-0018, CVE-2024-0023, CVE-2024-0019, CVE-2024-0021, CVE-2023-35671, CVE-2024-0016, CVE-2024-0017, CVE-2024-0020, CVE-2023-21266, CVE-2023-40120<br /><br /><strong><font size="4">Moderate</font></strong><br />CVE-2023-32842, CVE-2023-32844, CVE-2023-32846, CVE-2023-32841, CVE-2023-32843, CVE-2023-32845<br /><br /><strong><font size="4">Already included in previous updates</font></strong><br />CVE-2023-4863<br /><br /><strong><font size="4">Not applicable to Samsung devices</font></strong><br />CVE-2023-32850, CVE-2023-28587, CVE-2023-28588, CVE-2023-40085<br /><br /><br /><i>※ Please see Android Security Bulletin for detailed information on Google patches.</i><br /><br /><br />Along with Google patches, Samsung Mobile provides 5 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Jan-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.<br /><br /><br /><strong><font size="4">SVE-2023-1689(CVE-2024-20806): Improper access control in Notification service</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 11, 12, 13, 14<br />Reported on: September 19, 2023<br />Disclosure status: Privately disclosed<br />Improper access control in Notification service prior to SMR Jan-2024 Release 1 allows local attacker to access notification data.<br />The patch adds proper access control to prevent unauthorized data access.<br /><br /><br /><strong><font size="4">SVE-2023-1667(CVE-2024-20802): Improper access control in Samsung DeX</font></strong><br /><br />Severity: Moderate<br />Affected versions: Selected Android 13 devices<br />Reported on: September 16, 2023<br />Disclosure status: Privately disclosed<br />Improper access control vulnerability in Samsung DeX prior to SMR Jan-2024 Release 1 allows owner to access other users&#39; notification in a multi-user environment.<br />The patch adds proper access control logic to prevent unauthorized data access.<br /><br /><br /><strong><font size="4">SVE-2023-1418(CVE-2024-20805): Path traversal vulnerability in MyFiles</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 11, 12 and MyFiles prior to version 14.5.00.21 in Android 13<br />Reported on: July 28, 2023<br />Disclosure status: Privately disclosed<br />Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows attackers to write arbitrary file.<br />The patch adds mitigation logic to prevent path traversal.<br /><br /><br /><strong><font size="4">SVE-2023-1406(CVE-2024-20804): Path traversal vulnerability in MyFiles</font></strong><br /><br />Severity: Moderate<br />Affected versions: Android 11, 12 and MyFiles prior to version 14.5.00.21 in Android 13<br />Reported on: July 26, 2023<br />Disclosure status: Privately disclosed<br />Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows attackers to write arbitrary file.<br />The patch adds mitigation logic to prevent path traversal.<br /><br /><br /><strong><font size="4">SVE-2023-1038(CVE-2024-20803): Improper authentication vulnerability in Bluetooth pairing process</font></strong><br /><br />Severity: High<br />Affected versions: Android 11, 12, 13, 14<br />Reported on: June 14, 2023<br />Disclosure status: Privately disclosed<br />Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction.<br />The patch deleted the auto-confirmation procedure under certain conditions.<br /><br /><br /><em>Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.</em></font><div id="__endic_crx__"><div class="css-diqpy0"></div></div> <br /><br /> <strong><font size="4">Acknowledgements</font></strong><br /> <pre style='font-family: "SamsungOne", Arial, sans-serif;margin-left:-10px'><font size="3">Dzmitry Lukyanenka: SVE-2023-1689 Adnan Elezović: SVE-2023-1667 Febin Mon Saji: SVE-2023-1418 Dawuge: SVE-2023-1406</font></pre> </div> </div> </div> <!-- //list --> </div> </div> <!-- //contents --> </div> <!-- //container --> </form> <!-- footer --> <footer id="footer"> <div class="in"> <div class="sitemap"> <p>SITE MAP</p> <ul> <li><a href="/workScope.smsb">Security Updates</a></li> <li><a href="/securityReporting.smsb">Security Reporting</a></li> <li><a href="/rewardsProgram.smsb">Rewards Program</a></li> <li><a href="/securityPost.smsb">Security Post</a></li> </ul> </div> <div class="site_link"> <div class="dropdown"><button type="button" class="dropbtn_none btn_footer_cookie" title="Cookie Policy">Cookie Policy</button></div> <div class="dropdown"> <button onclick="myFunction()" class="dropbtn" title="Privacy Policy">Privacy Policy</button> <div id="myDropdown" class="dropdown-content"> <a href="./privacy/global/privacy_notice.html" target="_blank" title="Global">Global</a> <a href="./privacy/us/privacy_notice_us.html" target="_blank" title="US">US</a> <a href="./privacy/eu/privacy_notice_eu.html" target="_blank" title="EU">EU</a> <a href="./privacy/latin/privacy_notice_latin.html" target="_blank" title="Latin America">Latin America</a> <a href="./privacy/korea/privacy_notice_korea.html" target="_blank" title="Korea">Korea</a> <a href="./privacy/brazil/privacy_notice_brazil.html" target="_blank" title="Brazil">Brazil</a> <a href="./privacy/turkey/privacy_notice_turkey.html" target="_blank" title="Turkey">Turkey</a> <a href="./privacy/vietnam/privacy_notice_vietnam.html" target="_blank" title="Vietnam">Vietnam</a> </div> </div> <div class="dropdown"><button type="button" onclick="location.href='http://www.samsung.com'" class="dropbtn_none" title="Samsung.com site new window">Samsung.com</button></div> </div> <button class="wtop" type="button" title="Move the screen to the top">Top</button> <span class="copy">Copyright© 2017 SAMSUNG All Rights Reserved.</span> </div> </footer> <!-- //footer --> </div> <!-- //wrap --> <form method="post" name="menuMoveForm" id="menuMoveForm" action="/myRequest.smsr" > <input type="hidden" id="timeZoneHour" name="timeZoneHour" value="0" title="timeZoneHour"> <input type="hidden" id="portalIssue" name="portalIssue" value="0" title="portalIssue"> <input type="hidden" id="draftId" name="draftId" value="0" title="draftId"> </form> <form method="post" name="androidUpdatesSearchForm" id="androidUpdatesSearchForm" action="/androidUpdatesSearch.smsb" > <input type="hidden" id="androidSearchText" name="androidSearchText" value="" title="timeZoneHour"> </form> <script type="text/javascript" src="/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=749243165" async></script></body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10