One UI

Samsung August 2024 Security Patch Details Revealed

Published

1 month ago

on

Samsung has published the details of the August 2024 security patch for its Galaxy devices. It contains CVE and SVE items to improve the security and stability of the device to provide a better and more secure experience.

The update includes patches from both Google and Samsung, addressing various vulnerabilities and exposures in the Android operating system and Samsung’s software.

The Google patches cover up to the Android Security Bulletin – August 2024 package, which contains 1 critical level and 34 high-level CVEs. However, 1 CVE resolved by previous updates from the company, and 2 is not relevant to Galaxy devices.

On the other side, the Samsung patches include 14 Samsung Vulnerabilities and Exposures (SVE) items, which are specific to Samsung’s devices and applications. It fixes issues related to system service, Knox services, Galaxy Watch, and more.

Samsung August 2024 Security Patch Details:

Google Android Patches

Critical

  • CVE-2024-21461

High

  • CVE-2024-4610, CVE-2024-0153, CVE-2024-21460, CVE-2024-21465, CVE-2024-21469, CVE-2024-21462, CVE-2024-34724, CVE-2024-34725, CVE-2024-34726, CVE-2024-23373, CVE-2024-23372, CVE-2024-23368, CVE-2024-23380, CVE-2024-26923, CVE-2024-31334, CVE-2024-31335, CVE-2024-20077, CVE-2023-20971, CVE-2023-21351, CVE-2024-34731, CVE-2024-34735, CVE-2024-34737, CVE-2024-34738, CVE-2024-34739, CVE-2024-34740, CVE-2024-34741, CVE-2024-34743, CVE-2024-34736, CVE-2024-34742, CVE-2024-34727, CVE-2024-34745, CVE-2024-34746, CVE-2024-36971, CVE-2024-32896

Moderate

  • None

Already included in previous updates

  • CVE-2024-20076

Not applicable to Samsung devices

  • CVE-2024-34734, CVE-2024-34744

Samsung Semiconductors patches:

High

  • CVE-2024-3196

Samsung One UI Patches

  • SVE-2023-1910(CVE-2024-34609, CVE-2024-34608, CVE-2024-34607, CVE-2024-34606, CVE-2024-34605, CVE-2024-34604): Improper access control in several system services
  • SVE-2024-0861(CVE-2024-34610): Improper access control in ExtControlDeviceService
  • SVE-2024-0868(CVE-2024-34611): Improper access control in KnoxService
  • SVE-2024-0883(CVE-2024-34612): Out-of-bound write in libcodec2secmp4vdec.so
  • SVE-2024-0990(CVE-2024-34613): Improper access control in Galaxy Watch
  • SVE-2024-1064(CVE-2024-34614): Out-of-bound write in libsmat.so
  • SVE-2024-1105(CVE-2024-34615): Out-of-bound write in libsmat.so
  • SVE-2024-1173(CVE-2024-34616): Improper handling of insufficient permission in KnoxDualDARPolicy
  • SVE-2024-1185(CVE-2024-34617): Improper handling of insufficient permission in Telephony
  • SVE-2024-1200(CVE-2024-34618): Improper access control in System property
  • SVE-2024-1235(CVE-2024-34619): Improper input validation in librtp.so
  • SVE-2024-0716(CVE-2024-34620): Improper privilege management in SumeNNService

Some SVE items included in the Samsung Android Security Update cannot be disclosed now.
Related Topics:
Exit mobile version