One UI

Samsung March 2024 Security Patch Details Published!

Published

7 months ago

on

Samsung has announced the details of the March 2024 security patch for its Galaxy devices on the 4th day of the month. However, the company has already begun releasing the latest security update with the Galaxy S24 series.

The March 2024 security patch from Samsung addresses 2 critical,  35 high levels of CVEs for the Android operating system. However, 4 CVE was resolved by previous updates from the company, and 5 is not relevant to Galaxy devices.

Follow our socials → Google News | Telegram | X/Twitter | Facebook | WhatsApp

Besides Google patches, Samsung offers 9 SVE items to improve user experience. The latest security patch fixes various issues related to AppLock, Bootloader, some services, and more.

Android Patch Details

The fresh security update is based on the Android Security Bulletin – March 2024, which contains patches for 41 issues identified by Google.

Critical

  • CVE-2024-0039, CVE-2024-23717

High

  • CVE-2023-5091, CVE-2023-5249, CVE-2023-5643, CVE-2024-20011, CVE-2024-20007, CVE-2023-33046, CVE-2023-33072, CVE-2023-33060, CVE-2023-33076, CVE-2023-33058, CVE-2023-33049, CVE-2023-33057, CVE-2023-43523, CVE-2023-43522, CVE-2023-43536, CVE-2023-43533, CVE-2023-43513, CVE-2023-43516, CVE-2023-43534, CVE-2023-49668, CVE-2023-49667, CVE-2023-32842, CVE-2023-32841, CVE-2023-32843, CVE-2024-0044, CVE-2024-0046, CVE-2024-0048, CVE-2024-0049, CVE-2024-0050, CVE-2024-0051, CVE-2024-0053, CVE-2024-0047, CVE-2024-0045, CVE-2024-0052, CVE-2023-21135

Moderate

  • None

Already included in previous updates

  • CVE-2024-20010, CVE-2023-43520, CVE-2024-20003, CVE-2023-21234

Not applicable to Samsung devices

  • CVE-2024-20009, CVE-2024-20006, CVE-2023-43518, CVE-2023-43519, CVE-2023-40081

One UI Patch Details

Samsung also addressed 9 issues specific to its devices, such as improper access control vulnerability in CustomFrequencyManagerService, sensitive information exposure vulnerability in WlanTest, and more.

  • SVE-2023-1793(CVE-2024-20830): Incorrect default permission in AppLock
  • SVE-2023-2078(CVE-2024-20831): Stack overflow in bootloader
  • SVE-2023-2079(CVE-2024-20832): Heap overflow in bootloader
  • SVE-2023-2151(CVE-2024-20833): Use after free vulnerability in NETLINKFIPSCRYPTO
  • SVE-2023-2170(CVE-2024-20834): The sensitive information exposure vulnerability in WlanTest
  • SVE-2023-2382(CVE-2024-20835): Improper access control vulnerability in CustomFrequencyManagerService
  • SVE-2023-2385(CVE-2024-20836): Out of bounds Read vulnerability in libsubextractor.so
  • Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.
Related Topics:
Exit mobile version