Samsung April 2024 security patch details are out

Without any delay, Samsung has released a new security maintenance bulletin that mentions details of the April 2024 security patch. However, the rollout of the latest security patch is already out for the Galaxy S24 series and will reach more users soon.

As per the details, the April 2024 security patch addresses over 40 vulnerability exposures from Google and Samsung to maintain the device’s reliability including o1 critical, 26 high, and 0 moderate levels of CVEs for the Android operating system.

Moving on, 1 CVE is already included in previous updates and 5 are not applicable on Samsung Galaxy devices. Whereas, the patch addresses a total of 8 SVE items related to input validation, access control, and more from One UI software. 

Below you can check all the Common Vulnerability Exposures and Samsung Vulnerability Exposures that this April 2024 security patch resolves.

JOIN US ON TELEGRAM

Samsung April 2024 Security Patch Details 

Android Patch Details (CVEs)

Critical
CVE-2023-28578

High
CVE-2023-6143, CVE-2023-6241, CVE-2024-20020, CVE-2024-20005, CVE-2024-20026, CVE-2024-20028, CVE-2024-20025, CVE-2024-20027, CVE-2024-20023, CVE-2024-20024, CVE-2023-33066, CVE-2023-43550, CVE-2023-33042, CVE-2023-43548, CVE-2023-43539, CVE-2023-43549, CVE-2023-43552, CVE-2023-43553, CVE-2024-23710, CVE-2024-23713, CVE-2024-0022, CVE-2024-23712, CVE-2024-23704, CVE-2023-21267, CVE-2024-0026, CVE-2024-0027

Moderate
None

Already included in previous updates
CVE-2024-20022

Not applicable to Samsung devices
CVE-2023-48424, CVE-2023-48425, CVE-2023-43546, CVE-2023-43547, CVE-2023-33105

One UI Patch Details (SVEs)

• SVE-2023-2218(CVE-2024-20842): Improper Input Validation vulnerability in libsec-ril
• SVE-2023-2224(CVE-2024-20843): Out-of-bound write vulnerability in libIfaaCa
• SVE-2023-2269(CVE-2024-20844): Out-of-bounds write vulnerability in libsavsac.so
• SVE-2023-2270(CVE-2024-20845): Out-of-bounds write vulnerability in libsavsac.so
• SVE-2023-2271(CVE-2024-20846): Out-of-bounds write vulnerability in libsavsac.so
• SVE-2023-2367(CVE-2024-20848): Out-of-bound write in libsdffextractor
• SVE-2023-2368(CVE-2024-20849): Out-of-bound Write vulnerability in libsdffextractor
• SVE-2023-2389(CVE-2024-20847): Improper Access Control vulnerability in StorageManagerService.