Samsung

Samsung June 2024 Security Patch Details Published

Published

6 months ago

on

Samsung has disclosed details of the June 2024 security patch, which includes various security enhancements, specifically CVE and SVE items to boost security. Although the release of the June 2024 security update has not started for Galaxy devices, it is expected to begin shortly.

June 2024 security patch for Samsung devices is ready to fix 37 high-level CVEs for the Android operating system. Notably, one of these CVEs has already been addressed in earlier updates from Samsung, and two of them do not apply to Galaxy devices.

In addition to the Google security fixes, Samsung is also including 22 SVE items in the update. These enhance the overall user experience. The latest security patch resolves several issues including those affecting the grid image display, battery statistics services, call verification, the Samsung Dialer app, and more.

Samsung June 2024 Security Patch Details

Android Patch Details

Critical

  • None

High

  • CVE-2023-6363, CVE-2024-1067, CVE-2024-1395, CVE-2023-4622, CVE-2023-32871, CVE-2023-32873, CVE-2024-20057, CVE-2024-20056, CVE-2023-43530, CVE-2024-21471, CVE-2024-23351, CVE-2024-23354, CVE-2023-43529, CVE-2024-21475, CVE-2024-21477, CVE-2023-21266, CVE-2024-31310, CVE-2024-31316, CVE-2024-31317, CVE-2024-31318, CVE-2024-31319, CVE-2024-31322, CVE-2024-31324, CVE-2024-31325, CVE-2024-31326, CVE-2024-31312, CVE-2024-31314, CVE-2023-21113, CVE-2023-21114, CVE-2024-31311, CVE-2024-31313, CVE-2024-31315, CVE-2024-31323, CVE-2024-31327, CVE-2024-31328, CVE-2024-31329, CVE-2024-31330

Moderate

  • None

Already included in previous updates

  • CVE-2023-33119

Not applicable to Samsung devices

  • CVE-2024-21480, CVE-2023-43531

One UI Patch Details

  • SVE-2023-2165(CVE-2024-20873): Improper input validation vulnerability in caminfo driver
  • SVE-2023-2325(CVE-2024-20874): Improper access control vulnerability in SmartManagerCN
  • SVE-2024-0035(CVE-2024-20885): Improper component protection vulnerability in Samsung Dialer
  • SVE-2024-0047(CVE-2024-20875): Improper caller verification vulnerability in SemClipboard
  • SVE-2024-0209(CVE-2024-20876): Improper input validation in libsheifdecadapter.so
  • SVE-2024-0225(CVE-2024-20877): Heap out-of-bound write vulnerability in parsing grid image header in libsavscmn.so
  • SVE-2024-0238(CVE-2024-20878): Heap out-of-bound write vulnerability in parsing grid image in libsavscmn.so
  • SVE-2024-0272(CVE-2024-20879): Improper input validation vulnerability in libsavscmn.so
  • SVE-2024-0341(CVE-2024-20880): Stack-based buffer overflow vulnerability in bootloader
  • SVE-2024-0434(CVE-2024-20881): Improper input validation vulnerability in chnactiv TA
  • SVE-2024-0462(CVE-2024-20882): Out-of-bounds read vulnerability in bootloader
  • SVE-2024-0538(CVE-2024-20883): Incorrect use of privileged API vulnerability in BatteryStatsService
  • SVE-2024-0539(CVE-2024-20884): Incorrect use of privileged API vulnerability in BatteryStatsService
Related Topics:
Exit mobile version