By
Posted on
Samsung has now revealed the details of the March 2020 security patch. Along with Google security patches, Samsung provides 25 Samsung Vulnerabilities and Exposures (SVE) items, in order to improve customer’s confidence in the security of Samsung Mobile devices.
Read More: Here’s the list of eligible devices that will get the One UI 3.0/Android 11
Samsung security index (SSI), found in “Security software version”, SMR March-2020 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.
According to Samsung security patch details, the latest security patch brings fixes for 1 critical issue, 19 high risks, and 3 moderate risks. Check below for the complete changelog.
Issues fixed in this security patch:
- A possible heap overflow vulnerability in the kernel driver allows arbitrary code execution. The patch adds the proper validation of the buffer length.
- A vulnerability in Lockdown mode allows exposure of notifications when the pin entry limit is exceeded. The patch addressed notification exposure in Lockdown mode.
- An improper verification logic in the touch screen firmware update process allows an attacker to load malicious firmware.
The patch adds the proper validation logic in the firmware update process.
- A possible buffer overflow and out-of-bounds read/write vulnerabilities exists in kernel drivers related to the Wi-Fi module.
The patch adds the proper validation of the buffer length to prevent buffer overflow and out-of-bounds read/write.
- A vulnerability in Lockscreen of DeX allows access to quick panel and notifications without authentication.
The patch prevents access to quick panel and notifications in Lockscreen of DeX.
Samsung One UI 2.0 March 2020 Update List: Here’s all the One UI 2.0 software update
List of Samsung devices that will get monthly security patch:
- Galaxy Fold
- Galaxy Z Flip
- Galaxy S8
- Galaxy S8+
- Galaxy S8 Active
- Galaxy S9
- Galaxy S9+
- Galaxy S10
- Galaxy S10+
- Galaxy S10e
- Galaxy S10 5G
- Galaxy S10 Lite
- Galaxy S20
- Galaxy S20 5G
- Galaxy S20+
- Galaxy S20+ 5G
- Galaxy S20 Ultra, Galaxy S20 Ultra 5G
- Galaxy Note 8
- Galaxy Note 9
- Galaxy Note 10
- Galaxy Note 10 5G
- Galaxy Note 10+
- Galaxy Note10+ 5G
- Galaxy Note10 Lite
Enterprise Models:
- Galaxy A8 (2018)
- Galaxy A50
- Galaxy XCover4s
- Galaxy XCover FieldPro
- Galaxy XCover Pro
List of Samsung devices that will get quarterly security patch:
- Galaxy S7
- Galaxy S7 Edge
- Galaxy S7 Active
- Galaxy S8 Lite
- Galaxy A2 Core
- Galaxy A5 (2017)
- Galaxy A6
- Galaxy A6+
- Galaxy A7 (2018)
- Galaxy A8 Star
- Galaxy A8s
- Galaxy A9 (2018)
- Galaxy A10
- Galaxy A10e
- Galaxy A10s
- Galaxy A20
- Galaxy A20e
- Galaxy A20s
- Galaxy A30
- Galaxy A30s
- Galaxy A40
- Galaxy A50s
- Galaxy A51
- Galaxy A60
- Galaxy A70
- Galaxy A70s
- Galaxy A71
- Galaxy A80
- Galaxy A90 5G
- Galaxy A01
- Galaxy J2 Core
- Galaxy J3 Top
- Galaxy J4
- Galaxy J4+
- Galaxy J4 Core
- Galaxy J6
- Galaxy J6+
- Galaxy J7 Duo
- Galaxy J7 Top
- Galaxy J7 Prime2
- Galaxy J8
- Galaxy M10
- Galaxy M10s
- Galaxy M20
- Galaxy M30
- Galaxy M30s
- Galaxy M40
- Galaxy Tab A 10.5 (2018)
- Galaxy Tab A 10.1 (2019)
- Galaxy Tab A 8 (2019)
- Galaxy Tab A 8 Plus (2019)
- Galaxy Tab Active2
- Galaxy Tab Active Pro
- Galaxy Tab S4
- Galaxy Tab S5e
- Galaxy Tab S6
- Galaxy Tab S6 5G
- Galaxy View2
- W20 5G
Other regular security updates:
- Galaxy A3 (2017)
- Galaxy A7 (2017)
- Galaxy A8+ (2018)
- Galaxy Note FE
- Galaxy J3 (2017)
- Galaxy J3 Pop
- Galaxy J5 (2017)
- Galaxy J5 Prime
- Galaxy J7 (2016)
- Galaxy J7 (2017)
- Galaxy J7 Prime
- Galaxy J7 Pop
- Galaxy J7 Max
- Galaxy J7 Neo
- Galaxy J7+
- Galaxy Tab A 10.1 (2016)
- Galaxy Tab A (2017)
- Galaxy Tab S3
- Galaxy Tab E 8 Refresh