Updates

Samsung published July 2024 security patch details 

Posted on

Samsung has recently shared the July 2024 security patch details for Galaxy devices. These fixes aim to bolster the security and performance of Galaxy smartphones and tablets. Although the rollout of the July 2024 update is yet to commence.

As per the input, the July 2024 security patch bulletin mentions fixes 4 critical and 21 high-level of Android issues from Google. The update also addresses 2 exceptions CVEs that don’t affect Samsung devices.

The Korean tech giant has resolved 33 SVE items, focusing on areas like One UI Home, System UI, Secure Folder, Knox, System Property, Filter Provider, Configuration Message, IMS service, and more.

JOIN US ON TELEGRAM

Not only this but in July 2024, Samsung has also included patches for 2 serious hardware-specific problems. Below you can check the CVEs and SVEs that this July 2024 security patch resolves to maintain the reliability of your Galaxy devices.

Samsung July 2024 Security Patch Details 

Common Vulnerability Exposures – Details

Critical

  • CVE-2023-43556, CVE-2023-43538, CVE-2023-43551, CVE-2024-31320

High

  • CVE-2024-0671, CVE-2024-1065, CVE-2024-23698, CVE-2024-23696, CVE-2024-23697, CVE-2024-23695, CVE-2024-23711, CVE-2024-26926, CVE-2024-20066, CVE-2024-20068, CVE-2024-20067, CVE-2023-43542, CVE-2024-23363, CVE-2024-31331, CVE-2024-34720, CVE-2024-34723, CVE-2024-31332, CVE-2024-31339, CVE-2024-34722, CVE-2024-34721, CVE-2024-31338

Moderate

  • None

Already included in previous updates

  • None

Not applicable to Samsung devices

  • CVE-2024-20069, CVE-2024-20065

Samsung Semiconductor

High

  • CVE-2024-29153, CVE-2023-50805

Samsung Vulnerability Exposures – Details

  • SVE-2023-1279(CVE-2024-20888): Improper access control in OneUIHome
  • SVE-2023-1514(CVE-2024-34583): Improper access control in system property
  • SVE-2024-0067(CVE-2024-20890, CVE-2024-20889): Improper implementation in BLE
  • SVE-2024-0144(CVE-2024-20891): Improper access control in SystemUI
  • SVE-2024-0146(CVE-2024-34585): Improper access control in SystemUI
  • SVE-2024-0148(CVE-2024-34595): Improper access control in SystemUI
  • SVE-2024-0194(CVE-2024-20892): Improper verification of signature in FilterProvider
  • SVE-2024-0440(CVE-2024-20893): Improper input validation in libmediaextractorservice.so
  • SVE-2024-0490(CVE-2024-20894): Improper handling of exceptional conditions in Secure Folder
  • SVE-2024-0547(CVE-2024-20895): Improper access control in Dar service
  • SVE-2024-0700(CVE-2024-20896): Use of implicit intent for sensitive communication in Configuration message
  • SVE-2024-0716(CVE-2024-34584): Improper privilege management in SumeNNService
  • SVE-2024-0772(CVE-2024-20899, CVE-2024-20898, CVE-2024-20897): Use of implicit intent for sensitive communication in FCM function in IMS service.
  • SVE-2024-0788(CVE-2024-34586): Improper access control in KnoxCustomManagerService
  • SVE-2024-0793(CVE-2024-34587): Improper input validation in librtp.so
  • SVE-2024-0794(CVE-2024-34588): Improper input validation in librtp.so
  • SVE-2024-0795(CVE-2024-34589): Improper input validation in librtp.so
  • SVE-2024-0810(CVE-2024-34590): Improper input validation in librtp.so
  • SVE-2024-0811(CVE-2024-34591): Improper input validation in librtp.so
  • SVE-2024-0812(CVE-2024-34592): Improper input validation in librtp.so
  • SVE-2024-0818(CVE-2024-34593): Improper input validation in librtp.so
  • SVE-2024-0834(CVE-2024-20900): Improper authentication in MTP application
  • SVE-2024-0851(CVE-2024-20901): Improper input validation in copying data to buffer cache in libsaped
  • SVE-2024-0882(CVE-2024-34594): Exposure of sensitive information in proc file system

Click to comment

Must Read

Exit mobile version