Samsung

Samsung releases April 2024 security patch details – Android CVEs, One UI SVEs

Published

3 months ago

on

Samsung started rolling out the April 2024 update in late March and the Galaxy S24 series became the first to receive it. Now, the company has released the details of its April 2024 security patch for Samsung devices.

April 2024 security patch details include patches from both Google and Samsung to address vulnerabilities and bugs affecting Android systems and Samsung devices. Google patches 1 critical and 26 high-level of CVEs for the Android operating system.

Follow our socials → Google News | Telegram | X/Twitter | Facebook | WhatsApp

Additionally, Samsung has also addressed 17 Samsung Vulnerabilities and Exposures (SVE) items to enhance security. It fixes issues related to Storage Manager Service, Out of bounds write, and more.

Android Patch Details

Critical

  • CVE-2023-28578

High

  • CVE-2023-6143, CVE-2023-6241, CVE-2024-20020, CVE-2024-20005, CVE-2024-20026, CVE-2024-20028, CVE-2024-20025, CVE-2024-20027, CVE-2024-20023, CVE-2024-20024, CVE-2023-33066, CVE-2023-43550, CVE-2023-33042, CVE-2023-43548, CVE-2023-43539, CVE-2023-43549, CVE-2023-43552, CVE-2023-43553, CVE-2024-23710, CVE-2024-23713, CVE-2024-0022, CVE-2024-23712, CVE-2024-23704, CVE-2023-21267, CVE-2024-0026, CVE-2024-0027

Moderate

  • None

Already included in previous updates

  • CVE-2024-20022

Not applicable to Samsung devices

  • CVE-2023-48424, CVE-2023-48425, CVE-2023-43546, CVE-2023-43547, CVE-2023-33105

One UI Patch Details

  • SVE-2023-2218(CVE-2024-20842): Improper Input Validation vulnerability in libsec-ril
  • SVE-2023-2269(CVE-2024-20844): Out-of-bounds write vulnerability in libsavsac.so
  • SVE-2023-2270(CVE-2024-20845): Out-of-bounds write vulnerability in libsavsac.so
  • SVE-2023-2271(CVE-2024-20846): Out-of-bounds write vulnerability in libsavsac.so
  • SVE-2023-2367(CVE-2024-20848): Out-of-bound write in libsdffextractor
  • SVE-2023-2368(CVE-2024-20849): Out-of-bound Write vulnerability in libsdffextractor
  • SVE-2023-2389(CVE-2024-20847): Improper Access Control vulnerability in StorageManagerService.
Related Topics:
Exit mobile version