Samsung has announced the July 2024 security patch information for its Galaxy devices on the second day of the month. However, Galaxy smartphone users are still looking for the latest Android security patch, and it is expected that the company can get this update soon in the coming days.
Follow AndroidVogue on Twitter/X now!
The security bulletin lists all the vulnerabilities that have been fixed with this update, categorized according to the level of threat they posed to the platform. Some of them are specific performance and safety improvements for Samsung phones.
As for the part Samsung is concerned about, July 2024 security patches introduced the fix for 58 vulnerabilities, 33 of them Samsung-specific. It fixes related to One UI Home, System Property, System UI, Filter Provider, Secure Folder, Configuration Message, IMS service, Knox, MTP app, and more.
Samsung disclosed 4 critical, 21 High, 0 moderate, and 2 Not applicable to Samsung devices, level CVEs.
Follow AndroidVogue on Facebook!
Samsung July 2024 Security Patch Bulletin
Google patches include patches up to the Android Security Bulletin – July 2024 package. The Bulletin (July 2024) contains the following CVE items:
Critical
- CVE-2023-43556, CVE-2023-43538, CVE-2023-43551, CVE-2024-31320
High
- CVE-2024-0671, CVE-2024-1065, CVE-2024-23698, CVE-2024-23696, CVE-2024-23697, CVE-2024-23695, CVE-2024-23711, CVE-2024-26926, CVE-2024-20066, CVE-2024-20068, CVE-2024-20067, CVE-2023-43542, CVE-2024-23363, CVE-2024-31331, CVE-2024-34720, CVE-2024-34723, CVE-2024-31332, CVE-2024-31339, CVE-2024-34722, CVE-2024-34721, CVE-2024-31338
Moderate
- None
Already included in previous updates
- None
Not applicable to Samsung devices
- CVE-2024-20069, CVE-2024-20065
Samsung Semiconductor
High
- CVE-2024-29153, CVE-2023-50805
Follow AndroidVogue on Telegram!
One UI Patch Details
- SVE-2023-1279(CVE-2024-20888): Improper access control in OneUIHome
- SVE-2023-1514(CVE-2024-34583): Improper access control in system property
- SVE-2024-0067(CVE-2024-20890, CVE-2024-20889): Improper implementation in BLE
- SVE-2024-0144(CVE-2024-20891): Improper access control in SystemUI
- SVE-2024-0146(CVE-2024-34585): Improper access control in SystemUI
- SVE-2024-0148(CVE-2024-34595): Improper access control in SystemUI
- SVE-2024-0194(CVE-2024-20892): Improper verification of signature in FilterProvider
- SVE-2024-0440(CVE-2024-20893): Improper input validation in libmediaextractorservice.so
- SVE-2024-0490(CVE-2024-20894): Improper handling of exceptional conditions in Secure Folder
- SVE-2024-0547(CVE-2024-20895): Improper access control in Dar service
- SVE-2024-0700(CVE-2024-20896): Use of implicit intent for sensitive communication in Configuration message
- SVE-2024-0716(CVE-2024-34584): Improper privilege management in SumeNNService
- SVE-2024-0772(CVE-2024-20899, CVE-2024-20898, CVE-2024-20897): Use of implicit intent for sensitive communication in FCM function in IMS service.
- SVE-2024-0788(CVE-2024-34586): Improper access control in KnoxCustomManagerService
- SVE-2024-0793(CVE-2024-34587): Improper input validation in librtp.so
- SVE-2024-0794(CVE-2024-34588): Improper input validation in librtp.so
- SVE-2024-0795(CVE-2024-34589): Improper input validation in librtp.so
- SVE-2024-0810(CVE-2024-34590): Improper input validation in librtp.so
- SVE-2024-0811(CVE-2024-34591): Improper input validation in librtp.so
- SVE-2024-0812(CVE-2024-34592): Improper input validation in librtp.so
- SVE-2024-0818(CVE-2024-34593): Improper input validation in librtp.so
- SVE-2024-0834(CVE-2024-20900): Improper authentication in MTP application
- SVE-2024-0851(CVE-2024-20901): Improper input validation in copying data to buffer cache in libsaped
- SVE-2024-0882(CVE-2024-34594): Exposure of sensitive information in proc file system
Do you like this post? Kindly, let us know on X/Twitter: we love hearing your feedback! If you prefer using other social platforms besides X, follow/join us on Facebook.