Samsung has recently shared the July 2024 security patch details for Galaxy devices. These fixes aim to bolster the security and performance of Galaxy smartphones and tablets. Although the rollout of the July 2024 update is yet to commence.
As per the input, the July 2024 security patch bulletin mentions fixes 4 critical and 21 high-level of Android issues from Google. The update also addresses 2 exceptions CVEs that don’t affect Samsung devices.
The Korean tech giant has resolved 33 SVE items, focusing on areas like One UI Home, System UI, Secure Folder, Knox, System Property, Filter Provider, Configuration Message, IMS service, and more.
JOIN US ON TELEGRAM
Not only this but in July 2024, Samsung has also included patches for 2 serious hardware-specific problems. Below you can check the CVEs and SVEs that this July 2024 security patch resolves to maintain the reliability of your Galaxy devices.
Samsung July 2024 Security Patch Details
Common Vulnerability Exposures – Details
Critical
- CVE-2023-43556, CVE-2023-43538, CVE-2023-43551, CVE-2024-31320
High
- CVE-2024-0671, CVE-2024-1065, CVE-2024-23698, CVE-2024-23696, CVE-2024-23697, CVE-2024-23695, CVE-2024-23711, CVE-2024-26926, CVE-2024-20066, CVE-2024-20068, CVE-2024-20067, CVE-2023-43542, CVE-2024-23363, CVE-2024-31331, CVE-2024-34720, CVE-2024-34723, CVE-2024-31332, CVE-2024-31339, CVE-2024-34722, CVE-2024-34721, CVE-2024-31338
Moderate
- None
Already included in previous updates
- None
Not applicable to Samsung devices
- CVE-2024-20069, CVE-2024-20065
Samsung Semiconductor
High
- CVE-2024-29153, CVE-2023-50805
Samsung Vulnerability Exposures – Details
- SVE-2023-1279(CVE-2024-20888): Improper access control in OneUIHome
- SVE-2023-1514(CVE-2024-34583): Improper access control in system property
- SVE-2024-0067(CVE-2024-20890, CVE-2024-20889): Improper implementation in BLE
- SVE-2024-0144(CVE-2024-20891): Improper access control in SystemUI
- SVE-2024-0146(CVE-2024-34585): Improper access control in SystemUI
- SVE-2024-0148(CVE-2024-34595): Improper access control in SystemUI
- SVE-2024-0194(CVE-2024-20892): Improper verification of signature in FilterProvider
- SVE-2024-0440(CVE-2024-20893): Improper input validation in libmediaextractorservice.so
- SVE-2024-0490(CVE-2024-20894): Improper handling of exceptional conditions in Secure Folder
- SVE-2024-0547(CVE-2024-20895): Improper access control in Dar service
- SVE-2024-0700(CVE-2024-20896): Use of implicit intent for sensitive communication in Configuration message
- SVE-2024-0716(CVE-2024-34584): Improper privilege management in SumeNNService
- SVE-2024-0772(CVE-2024-20899, CVE-2024-20898, CVE-2024-20897): Use of implicit intent for sensitive communication in FCM function in IMS service.
- SVE-2024-0788(CVE-2024-34586): Improper access control in KnoxCustomManagerService
- SVE-2024-0793(CVE-2024-34587): Improper input validation in librtp.so
- SVE-2024-0794(CVE-2024-34588): Improper input validation in librtp.so
- SVE-2024-0795(CVE-2024-34589): Improper input validation in librtp.so
- SVE-2024-0810(CVE-2024-34590): Improper input validation in librtp.so
- SVE-2024-0811(CVE-2024-34591): Improper input validation in librtp.so
- SVE-2024-0812(CVE-2024-34592): Improper input validation in librtp.so
- SVE-2024-0818(CVE-2024-34593): Improper input validation in librtp.so
- SVE-2024-0834(CVE-2024-20900): Improper authentication in MTP application
- SVE-2024-0851(CVE-2024-20901): Improper input validation in copying data to buffer cache in libsaped
- SVE-2024-0882(CVE-2024-34594): Exposure of sensitive information in proc file system