Severity Level: High
Title:
Security Updates- Samsung
Summary:
Samsung Mobile has released the November 2024 Security Maintenance Release (SMR) for its major flagship models.
This update includes security patches from both Google and Samsung to address various vulnerabilities.
Samsung-specific Patches: 13 Samsung Vulnerabilities and Exposures (SVE) items fixed 1 high-severity Samsung Semiconductor vulnerability patched. High-Severity Vulnerabilities:
• CVE-2024-23369, CVE-2024-34733, CVE-2024-34732, CVE-2024-33049, CVE-2024-40651, CVE-2024-40649, CVE-2024-34748, CVE-2024-38399, CVE-2024-33069, CVE-2024-40670, CVE-2024-40669, CVE-2024-20103, CVE-2024-20094, CVE-2024-20090, CVE-2024-20091, CVE-2024-20092, CVE-2024-20093, CVE-2024-20100, CVE-2024-20101, CVE-2024-40660, CVE-2024-43081, CVE-2024-43085, CVE-2024-43093, CVE-2024-43082, CVE-2024-43084, CVE-2024-43086, CVE-2024-43091, CVE-2024-29779, CVE-2024-34719, CVE-2024-40661, CVE-2024-43080, CVE-2024-43087, CVE-2024-43088, CVE-2024-43089, CVE-2024-43090, CVE-2024-43083, CVE-2024-31330, CVE-2024-38402
• SVE-2024-1214(CVE-2024-49402): Improper input validation in Dressroom
• SVE-2024-1222(CVE-2024-34674): Improper access control in Contacts
• SVE-2024-1481(CVE-2024-34676): Out-of-bounds write in libsubextractor.so
• SVE-2024-1524(CVE-2024-34678): Out-of-bounds write in libsapeextractor.so
• SVE-2024-1666(CVE-2024-34681): Improper input validation in BluetoothAdapter
• CVE-2024-45185
Affected Versions: • Android 12, 13, and 14
Recommendations:.
applying the security updates recently released by Samsung.
References:
click here