Samsung has taken the lead in providing the March 2024 security patch update for the Galaxy devices; it has already rolled out the update for the Galaxy S24 devices in several regions. It has not only beaten Google, but even its official bulletin about the new security patch has revealed it. Let’s learn what it has brought this time.
Samsung Galaxy devices are getting 46 security vulnerability fixes with March patch
Samsung has released its official March 2024 security bulletin, and based on it, the new security patch will provide more than 40 fixes. Of those, 37 patches were added by Google, and there are two critical vulnerabilities addressed and 35 high-priority fixes addressed. Along with this, Samsung has also addressed nine more fixes that improve the internal functioning of the Galaxy devices exclusively.
Samsung addressed some sensitive internal function vulnerabilities
Samsung has addressed a total of nine security-related functioning issues. Going into detail, it has fixed the incorrect default permission in Applock, stack overflow in the bootloader, the sensitive information exposure from the WlanTest, and the improper access control vulnerability. With these extra security enhancements, the company will provide more stability to the device with the improvement of internal functions. If you want to learn more, check out the official bulletin information below.
Google addresses 41 security vulnerability issues.
Critical
CVE-2024-0039, CVE-2024-23717
High
CVE-2023-5091, CVE-2023-5249, CVE-2023-5643, CVE-2024-20011, CVE-2024-20007, CVE-2023-33046, CVE-2023-33072, CVE-2023-33060, CVE-2023-33076, CVE-2023-33058, CVE-2023-33049, CVE-2023-33057, CVE-2023-43523, CVE-2023-43522, CVE-2023-43536, CVE-2023-43533, CVE-2023-43513, CVE-2023-43516, CVE-2023-43534, CVE-2023-49668, CVE-2023-49667, CVE-2023-32842, CVE-2023-32841, CVE-2023-32843, CVE-2024-0044, CVE-2024-0046, CVE-2024-0048, CVE-2024-0049, CVE-2024-0050, CVE-2024-0051, CVE-2024-0053, CVE-2024-0047, CVE-2024-0045, CVE-2024-0052, CVE-2023-21135
Moderate
None
Already included in previous updates
CVE-2024-20010, CVE-2023-43520, CVE-2024-20003, and CVE-2023-21234
Not applicable to Samsung devices
CVE-2024-20009, CVE-2024-20006, CVE-2023-43518, CVE-2023-43519, and CVE-2023-40081
Exclusive patches added by Samsung for its Galaxy devices
- SVE-2023-1793 (CVE-2024-20830): Incorrect default permission in AppLock
- SVE-2023-2078 (CVE-2024-20831): Stack overflow in bootloader
- SVE-2023-2079 (CVE-2024-20832): Heap overflow in bootloader
- SVE-2023-2151 (CVE-2024-20833): Use after free vulnerability in NETLINKFIPSCRYPTO
- SVE-2023-2170 (CVE-2024-20834): The sensitive information exposure vulnerability in WlanTest
- SVE-2023-2382 (CVE-2024-20835): Improper access control vulnerability in CustomFrequencyManagerService
- SVE-2023-2385 (CVE-2024-20836): Out of bounds Read the vulnerability in libsubextractor.so.
- Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.
Samsung Devices that will get March 2024 Security Patch
- Galaxy Z Fold2 5G, Galaxy Z Fold3 5G, Galaxy Z Flip3 5G, Galaxy Z Fold4, Galaxy Z Flip4, Galaxy Z Fold5, Galaxy Z Flip5, W23, W23 flip, W24, W24 Flip
- Galaxy S20, Galaxy S20 5G, Galaxy S20+, Galaxy S20+ 5G, Galaxy S20 Ultra, Galaxy S20 Ultra 5G, Galaxy S20 FE, Galaxy S20 FE 5G, Galaxy S21 5G, Galaxy S21+ 5G, Galaxy S21 Ultra 5G, Galaxy S21 FE 5G, Galaxy S22, Galaxy S22+, Galaxy S22 Ultra, Galaxy S23, Galaxy S23+, Galaxy S23 Ultra, Galaxy S24, Galaxy S24+, Galaxy S24 Ultra
- Galaxy Note20, Galaxy Note20 5G, Galaxy Note20 Ultra, Galaxy Note20 Ultra 5G
- Enterprise Models: Galaxy A52, Galaxy A52 5G, Galaxy A52s 5G, Galaxy A53 5G, Galaxy A54 5G, Galaxy Xcover5, Galaxy Xcover6 Pro, Xcover7
