Connect with us

Firmware

Samsung Illustrated June 2022 Security Patches: Many Vulnerabilities Solved & Models

Published

2 years ago

on


In recent years Samsung has proven very active in software updates for its smartphones on the market, especially in the field of security. Monthly patches are notoriously distributed promptly, often even before the reference month.

For Android security patches updated in June 2022, there were no exceptions, with Samsung starting distribution for a couple of weeks, which is, since the end of May.

We know that the South Korean manufacturer prefers the wording Security Maintenance Release (SMR) for its security updates. These software updates always consist of two parts. In fact, they contain Google’s monthly security patches for the Android operating system and those specifically handled by Samsung.

In recent hours Samsung has also illustrated what they contain: in total, we find 65 fixes, 4 of them with critical vulnerabilities, 14 with high-risk vulnerabilities, and 13 with moderate-risk vulnerabilities. Of these 65 fixes, 48 were provided by Google because they were detected at the Android system level, while Samsung implemented the rest because it was detected at the OneUI level.

Moving on to the second part of the May 2022 update, the one specific to Samsung devices, the manufacturer lists fixes for as many as 32 Samsung Vulnerabilities and Exposures (EVS). Here are the most relevant ones:

  • SVE-2021-23082(CVE-2022-28794): Sensitive information exposure in low battery dumpstate log.
  • SVE-2021-24033(CVE-2022-30709): Improper input validation check logic in SECRIL.
  • SVE-2022-0092(CVE-2022-30710, CVE-2022-30711, CVE-2022-30712, CVE-2022-30713): Improper validation in RemoteViews, FeedsInfo, KfaOptions and LSOItemData.
  • SVE-2022-0100(CVE-2022-30714): Information exposure vulnerability in SemIWCMonitor
  • SVE-2022-0138(CVE-2022-30715): Improper access control vulnerability in DofViewer.
  • SVE-2022-0254(CVE-2022-30716): Unprotected broadcast in DisplayToast.
  • SVE-2022-0258(CVE-2022-30717): Improper caller check in AR Emoji.
  • SVE-2022-0392(CVE-2022-30719): Improper input validation check logic in libsmkvextractor.
  • SVE-2022-0393(CVE-2022-30720): Improper input validation check logic in libsmkvextractor.
  • SVE-2022-0412(CVE-2022-30721): Improper input validation check logic in libsmkvextractor.
  • SVE-2022-0507(CVE-2022-30722): Bypass of Samsung Account confirmation via hijacking implicit intent.
  • SVE-2022-0526, SVE-2022-0534, and SVE-2022-0535(CVE-2022-30723, CVE-2022-30724, CVE-2022-30725): Leak of MAC address of connected Bluetooth device.
  • SVE-2022-0691(CVE-2022-30726): Unprotected component vulnerability in SecSettingsIntelligence.
  • SVE-2022-0793(CVE-2022-30727): Improper handling of insufficient permissions in PersonaManagerService.
  • SVE-2022-1203(CVE-2022-30728): Information exposure vulnerability in ScanPool.
  • SVE-2022-0504(CVE-2022-30729): Hijacking of Wi-Fi SSID and password in Settings.

For more details on all 32 manufacturer-specific fixes, you can refer to Samsung’s official website at this link.

June security patches are being deployed to all Samsung models supported by the monthly update program. Clearly timing can vary as much depending on your smartphone model and your geographic residence.

Samsung models will receive the June 2022 security patches

First of all, it must be said that not all Samsung-branded devices will receive the Security Maintenance Release of June 2022, however the recipients will still be numerous. In fact, all you have to do is visit the manufacturer’s website to find first of all the list of models that receive monthly updates, which includes:

  • Galaxy Fold, Galaxy Fold 5G, Galaxy Z Fold2, Galaxy Z Fold2 5G, Galaxy Z Fold3 5G, Galaxy Z Flip, Galaxy Z Flip 5G, Galaxy Z Flip3 5G
  • Galaxy S10 Lite
  • Galaxy S20, Galaxy S20 5G, Galaxy S20+, Galaxy S20+ 5G, Galaxy S20 Ultra, Galaxy S20 Ultra 5G, Galaxy S20 FE, Galaxy S20 FE 5G, Galaxy S21 5G, Galaxy S21+ 5G, Galaxy S21 Ultra 5G, Galaxy S21 FE 5G, Galaxy S22, Galaxy S22+, Galaxy S22 Ultra
  • Galaxy Note10, Galaxy Note10 5G, Galaxy Note10+, Galaxy Note10+ 5G, Galaxy Note10 Lite, Galaxy Note20, Galaxy Note20 5G, Galaxy Note20 Ultra, Galaxy Note20 Ultra 5G
  • Enterprise Models: Galaxy A52, Galaxy A52 5G, Galaxy A52s 5G, Galaxy A53 5G, Galaxy XCover4s, Galaxy Xcover FieldPro, Galaxy Xcover Pro, Galaxy Xcover5

To all these must be added other smartphones and tablets from the other official lists, namely: some devices with quarterly updates — such as Samsung Galaxy Tab S7 FE, Samsung Galaxy S10, Galaxy S10+ and Galaxy S10e —, others with semi-annual updates and wearables (currently only Samsung Galaxy Watch4 and Samsung Galaxy Watch4 Classic are listed). Full lists are available on the official website at this link.


Related Topics:

Harsh is a seasoned technology enthusiast with a deep passion for Android. Since its announcement in 2007, he has closely followed the evolution of this operating system, gaining a comprehensive understanding of its features and capabilities. His background in Android, IT, and Journalism has equipped him with the skills to analyze and present complex technological concepts in a clear and engaging manner. As the Editor-in-Chief at Samlover.com, Harsh is dedicated to sharing his knowledge and experiences about Android, services, and applications with the world.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Firmware

Galaxy S24 Series received May 2024 Security Update in the US

Published

20 hours ago

on

May 8, 2024

By


Yesterday, Samsung published the May 2024 security patch details on its official SMR page. Now that the Galaxy S24 devices have received the update, the device users will be the first to experience the new security patch update.

The information indicates that the Galaxy S24 units are currently receiving the update in the US market, with plans to expand to other countries soon. Specifically, the ATT-locked variants of the Galaxy S24, Galaxy S24+, and Galaxy S24 Ultra smartphones are receiving a May 2024 security patch update with the firmware version number S92*USQS2AXD3.

The May 2024 security patch is a part of Google’s Android security maintenance program, so don’t be too excited because it will be limited to bringing some security-related enhancements that are executed under the device backend. However, if the company has addressed any issues that directly link to the user end, then it is also possible that the update may address some other system issues as well.

According to the official documentation, the May 2024 security patch will bring more than 50 fixes, whereas Google has added 31 fixes that address issues related to the Android OS. Meanwhile, Samsung has also added 25 more fixes that eradicate the security vulnerabilities related to the Galaxy devices.

If you are using the US ATT-locked variant of the Galaxy S24 smartphone, you should update it to the latest version. To do that, you just need to go to the system settings and then tap on the software update. If you find that new update available, hit the download button.

Follow Sam Lover on Your Favorite Social Media Platforms


Continue Reading

Firmware

Samsung Ends Software Support for Some Galaxy Models, But Newer Ones Get Added

Published

2 days ago

on

May 7, 2024

By


Samsung has recently published the May 2024 security bulletin on its official site. With this documentation, the company is not limited to sharing the software details but also refreshing the scope tab, where it mentions the devices that are eligible to get security updates according to the frequency.

For your information, Samsung has made three lists of devices: one list is named as the current monthly update, the second list includes the quarterly update devices, and the third list is the biannual security update devices. For starters, in the first list, all the devices mentioned are eligible to get updates every month, while the second list holds the devices that are eligible to get four updates per year, and the last one has the devices that are only eligible to get two updates per year.

Samsung follows the policy of giving security patch updates to certain years, so when the device reaches a limit, it is freely removed from the list, or if any device is running in the last year of its retirement, the company changes the frequency of them. The company will make a few changes with the latest May 2024 security patch.

Samsung removes these devices from the update list and also welcomes new ones

Samsung has made strict decisions in terms of its pre-decided software update policy. Now,  with the fresh set of changes, the Galaxy A71, Galaxy A31, Galaxy A11, and Galaxy M11 are removed from the list. All four devices have reached their limit; the Galaxy A71 and Galaxy A31 were released back in 2020 with the eligibility of five years of software support, while other devices belonging to the budget range that were released in 2020 are only eligible to get four years of software support.

Apart from removing the device, the company has also welcomed some new devices, including the Galaxy C55 5G and the Galaxy M55 5G. The company has also changed the security of the Galaxy A52 4G (Enterprise model).

Follow Sam Lover on Your Favorite Social Media Platforms


Continue Reading

Firmware

Samsung May 2024 Security Patch Addresses Over 50 Vulnerabilities in Galaxy Devices

Published

2 days ago

on

May 7, 2024

By


Samsung has officially published the details of the upcoming May 2024 security patch update for Galaxy devices. For your information, with every new security patch update, the company aims to apply new codes that improve the device’s mechanism and make it able to work against external threats. Let’s explore how the May 2024 security patch will enhance the devices’ security.

Samsung One UI May 2024 security patch details

According to the documentation, the May 2024 security brought more than 50 fixes for resolving the issues in the internal functions. In detail, Google has included 31 patches, where 3 issues are addressed under the critical head, 27 issues are addressed under the high head, and 1 is categorized as moderate. For your information, all three heads represent the sensitivity of the issues. Apart from these, Samsung has also added 25 patches that will exclusively enhance the security of Galaxy devices.

Samsung added some more patches for Galaxy devices

As Google provided the patches according to the previously identified issues on the Android devices, Samsung is also doing the same but limitedly for its Galaxy devices. According to the information, there are 25 patches included that will fix several issues on the Galaxy devices. However, the Korean giant doesn’t provide full details about those fixes, but on the basis of the SVE details, the company will address several issues related to existing functions, including secure folders, cameras, bootloaders, DarManager services, and server authentication bypass vulnerabilities identified in several stock services.

Samsung May 2024 security patch-eligible devices 

Along with the May 2024 security patch details, Samsung has also shared the scope of the devices eligible for Galaxy devices. In this list, there are some devices listed under the monthly security update eligible devices that will get the May 2024 security patch. Check out all the devices below:

  • Galaxy Z Fold2 5G, Galaxy Z Fold3 5G, Galaxy Z Flip3 5G, Galaxy Z Fold4, Galaxy Z Flip4, Galaxy Z Fold5, Galaxy Z Flip5, W23, W23 flip, W24, W24 flip
  • Galaxy S20 FE, Galaxy S20 FE 5G, Galaxy S21 5G, Galaxy S21+ 5G, Galaxy S21 Ultra 5G, Galaxy S21 FE 5G, Galaxy S22, Galaxy S22+, Galaxy S22 Ultra, Galaxy S23, Galaxy S23+, Galaxy S23 Ultra, Galaxy S23 FE, Galaxy S24, Galaxy S24+, Galaxy S24 Ultra
  • Galaxy Note20, Galaxy Note20 5G, Galaxy Note20 Ultra, and Galaxy Note20 Ultra 5G
  • Enterprise Models: Galaxy A52s 5G, Galaxy A53 5G, Galaxy A54 5G, Galaxy A55 5G, Galaxy Xcover5, Galaxy Xcover6 Pro, Galaxy Xcover7

Continue Reading