Samsung reveals July 2024 security patch, Check out what’s new

Samsung has shared details about its upcoming July 2024 security update for Galaxy devices. Although the rollout hasn’t started yet, this update aims to make the devices safer and work better.

The July 2024 Security Maintenance Release (SMR) includes patches from both Google and Samsung. Google’s contribution addresses 4 serious and 21 less serious Android issues, though 2 of these do not affect Samsung devices.

Samsung has fixed 33 of its own security problems, focusing on areas like One UI Home, System UI, Secure Folder, Knox, and more. Additionally, this update includes a patch from Samsung that resolves 2 serious hardware-specific problems.

Samsung July 2024 Security Patch Changelog

Samsung reveals July 2024 security patch, Check out what's new
Samsung reveals July 2024 security patch, Check out what’s new

Android Patch Details

Critical

  • CVE-2023-43556, CVE-2023-43538, CVE-2023-43551, CVE-2024-31320

High

  • CVE-2024-0671, CVE-2024-1065, CVE-2024-23698, CVE-2024-23696, CVE-2024-23697, CVE-2024-23695, CVE-2024-23711, CVE-2024-26926, CVE-2024-20066, CVE-2024-20068, CVE-2024-20067, CVE-2023-43542, CVE-2024-23363, CVE-2024-31331, CVE-2024-34720, CVE-2024-34723, CVE-2024-31332, CVE-2024-31339, CVE-2024-34722, CVE-2024-34721, CVE-2024-31338

Moderate

  • None

Already included in previous updates

  • None

Not applicable to Samsung devices

  • CVE-2024-20069, CVE-2024-20065

Samsung Semiconductor

Samsung Semiconductor patch is also included in this Security Maintenance Release with the following CVE item:

High

  • CVE-2024-29153, CVE-2023-50805

One UI Patch Details

  • SVE-2023-1279(CVE-2024-20888): Improper access control in OneUIHome
  • SVE-2023-1514(CVE-2024-34583): Improper access control in system property
  • SVE-2024-0067(CVE-2024-20890, CVE-2024-20889): Improper implementation in BLE
  • SVE-2024-0144(CVE-2024-20891): Improper access control in SystemUI
  • SVE-2024-0146(CVE-2024-34585): Improper access control in SystemUI
  • SVE-2024-0148(CVE-2024-34595): Improper access control in SystemUI
  • SVE-2024-0194(CVE-2024-20892): Improper verification of signature in FilterProvider
  • SVE-2024-0440(CVE-2024-20893): Improper input validation in libmediaextractorservice.so
  • SVE-2024-0490(CVE-2024-20894): Improper handling of exceptional conditions in Secure Folder
  • SVE-2024-0547(CVE-2024-20895): Improper access control in Dar service
  • SVE-2024-0700(CVE-2024-20896): Use of implicit intent for sensitive communication in Configuration message
  • SVE-2024-0716(CVE-2024-34584): Improper privilege management in SumeNNService
  • SVE-2024-0772(CVE-2024-20899, CVE-2024-20898, CVE-2024-20897): Use of implicit intent for sensitive communication in FCM function in IMS service.
  • SVE-2024-0788(CVE-2024-34586): Improper access control in KnoxCustomManagerService
  • SVE-2024-0793(CVE-2024-34587): Improper input validation in librtp.so
  • SVE-2024-0794(CVE-2024-34588): Improper input validation in librtp.so
  • SVE-2024-0795(CVE-2024-34589): Improper input validation in librtp.so
  • SVE-2024-0810(CVE-2024-34590): Improper input validation in librtp.so
  • SVE-2024-0811(CVE-2024-34591): Improper input validation in librtp.so
  • SVE-2024-0812(CVE-2024-34592): Improper input validation in librtp.so
  • SVE-2024-0818(CVE-2024-34593): Improper input validation in librtp.so
  • SVE-2024-0834(CVE-2024-20900): Improper authentication in MTP application
  • SVE-2024-0851(CVE-2024-20901): Improper input validation in copying data to buffer cache in libsaped
  • SVE-2024-0882(CVE-2024-34594): Exposure of sensitive information in proc file system

The patch details list specific CVE (Common Vulnerabilities and Exposures) numbers for both Android and Samsung-specific issues. These range from access control problems to improper input validation in various system components.

While the exact rollout date isn’t specified, Samsung users can expect to see this update become available on their devices in the coming weeks. As always, it’s recommended to install security updates promptly when they become available.

Source

Dibyashree Sharma
Dibyashree Sharma
Editorial Leader
Dibyashree Sharma graduated in Computer Science from NIT Rourkela. For the past eight years, she has been blogging about Android, which she is really passionate about. She has built a good reputation as a reliable source. Away from the digital sphere, Dibyashree enjoys playing tennis, a sport she is as passionate about as she is about technology.

Leave a Comment