Samsung has officially released August 2023 One UI (Android) security patch details for Galaxy smartphone users. No doubt, the new patch works on fixing a variety of issues and privacy-related exploits in the device and aims to deliver better security and a bug-free experience.
On the flip side, the phone maker has also started sending this update for the top-end models of the company. Eventually, more Galaxy handsets owners will receive the latest improvement rollout as the expansions for this patch continue to happen.
Meanwhile, many Samsung fans have locked their eyes on the One UI 6.0 beta program that has silently peeped through the German website. While there is time to grab the major software officially, let’s see how the latest development improves our Galaxy devices.
Samsung August 2023 security patch – Details
Critical
- CVE-2023-21629, CVE-2023-21282
High
- CVE-2022-28350, CVE-2023-28147, CVE-2021-29256, CVE-2021-0948, CVE-2022-42703, CVE-2023-21255, CVE-2023-20755, CVE-2023-20754, CVE-2023-21631, CVE-2023-21672, CVE-2023-22387, CVE-2023-28542, CVE-2023-22386, CVE-2023-24854, CVE-2023-28541, CVE-2023-24851
- CVE-2023-21265, CVE-2023-21287, CVE-2023-21269, CVE-2023-21270, CVE-2023-21278, CVE-2023-21281, CVE-2023-21286, CVE-2023-21267, CVE-2023-21276, CVE-2023-21277, CVE-2023-21279, CVE-2023-21283, CVE-2023-21288, CVE-2023-21289, CVE-2023-21292, CVE-2023-21280
- CVE-2023-21284, CVE-2023-20965, CVE-2023-21132, CVE-2023-21133, CVE-2023-21134, CVE-2023-21140, CVE-2023-21242, CVE-2023-21275, CVE-2023-21285, CVE-2023-21268, CVE-2023-21290, CVE-2023-21229, CVE-2023-21230, CVE-2023-21231, CVE-2023-35689, CVE-2023-21233
Moderate
- CVE-2023-26083
Already included in previous updates
- CVE-2023-21272, CVE-2023-21273, CVE-2023-21234, CVE-2023-21235, CVE-2023-21232
Not applicable to Samsung devices
- CVE-2023-25012, CVE-2023-22667, CVE-2023-21271, CVE-2023-21274
Other than these, the August 2023 security patch comprises 35 SVE(s) to improve Galaxy security to some more extent. Samsung security index (SSI), found in the Security software version, SMR Aug-2023 Release 1 includes all patches from Samsung and Google. Here are the following SVE:
- SVE-2023-0953(CVE-2023-30701): PendingIntent hijacking in WifiGeofenceManager
- SVE-2023-0877(CVE-2023-30700): PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl
- SVE-2023-0821(CVE-2023-30699): Out-of-bounds write in parser_hvcC function in libsimba
- SVE-2023-0791(CVE-2023-30698): Improper access control vulnerability in TelephonyUI
- SVE-2023-0736(CVE-2023-30697): An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril
- SVE-2023-0734(CVE-2023-30696): An improper input validation in IpcTxGetVerifyAkey in libsec-ril
- SVE-2023-0723(CVE-2023-30694): Out-of-bounds Write in IpcTxPcscTransmitApdu of libsec-ril
- SVE-2023-0721(CVE-2023-30693): Out-of-bounds Write in DoOemFactorySendFactoryBypassCommand of libsec-ril
- SVE-2023-0618(CVE-2023-30691): Improper input validation in AuthenticationConfig
- SVE-2023-0607(CVE-2023-30689): Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of libsec-ril
- SVE-2023-0601(CVE-2023-30688): Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril
- SVE-2023-0600(CVE-2023-30687): Out-of-bounds Write in RmtUimApdu of libsec-ril
- SVE-2023-0599(CVE-2023-30686): Out-of-bounds Write in ReqDataRaw of libsec-ril
- SVE-2023-0598(CVE-2023-30685): Improper access control vulnerability in Telecom
- SVE-2023-0588(CVE-2023-30684, CVE-2023-30683, CVE-2023-30682): Improper access control in Telecom
- SVE-2023-0585(CVE-2023-30654): Improper access control vulnerability in SLocationService
- SVE-2023-0569(CVE-2023-30681): An improper input validation vulnerability in VaultKeeper in HAL
- SVE-2023-0566(CVE-2023-30680): Improper privilege management in MMIGroup
- SVE-2023-0499(CVE-2023-30679): Improper access control in HDCP trust
Follow our socials → Google News, Telegram