Updates

Samsung June 2020 security patch details

Posted on

Samsung has already rolled out the June 2020 security patch to some of its smartphones, including the Galaxy S20 series. The company has now revealed the details of the June 2020 security patch.

Along with Google security patches, Samsung provides 29 Samsung Vulnerabilities and Exposures (SVE) items, in order to improve customer’s confidence in the security of Samsung Mobile devices.

One UI 3.0: list of eligible Samsung devices that will get the Android 11

In the June 2020 security patch, the company fixed 2 critical vulnerabilities in the Android OS, along with several high and moderate-risk vulnerabilities.

Join our Samsung Channel on Telegram:

Issues fixed in the June 2020 security patch:

  • A vulnerability in RKP allows disabling SEAndroid policy. The patch protects SEAndroid related variables in the RKP.
  • A possible information leak vulnerability exists in One UI HOME. The patch fixes incorrect implementation of logging.
  • A vulnerability in Kinibi allows arbitrary memory mapping. The patch restricts arbitrary memory mapping in Kinibi.
  • Several memory vulnerabilities in Widevine trustlet disclose memory information and it can lead to arbitrary code execution. The patches add the proper validation of memory access.
  • A vulnerability in system area allows overwriting arbitrary files without permission via symlink. The patch adds the proper file validation to address the vulnerability.
  • A vulnerability in Secure Folder allows arbitrary installation debugging a command. The patch blocks the debugging command to install in Secure Folder.
  • An invalid input check vulnerability in Gatekeeper trustlet allows brute forcing attack to user credential. The patch adds the proper input validation to prevent brute forcing attack.
  • A possible path traversal vulnerability exists in HWRResProvider and it can lead to data exposure. The patch adds code to check the correct path location in HWRResProvider.
  • A vulnerability in Lockscreen allows access to Music share without authentication. The patch prevents arbitrary access in Lockscreen.
  • A vulnerability in Lockscreen of DeX allows access to quick panel and notifications without authentication. The patch prevents arbitrary access in Lockscreen of DeX.

Note: Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.

Samsung Galaxy devices that have received the June 2020 security patch:

  • Galaxy S20 [Unlocked US]
  • Galaxy S20+ [Unlocked US]
  • Galaxy S20 Ultra [Unlocked US]
  • Galaxy Note 10 [Unlocked US]
  • Galaxy Note 10+ [Unlocked US]
  • Galaxy S10e [Unlocked US]
  • Galaxy S10 [Unlocked US]
  • Galaxy S10+ [Unlocked US]
  • Galaxy Note 8
  • Galaxy A50
  • Galaxy Xcover Pro

Must Read

Exit mobile version