Samsung has already rolled out the May 2020 security patch to some of its smartphones, including the Galaxy S20 series. The company has now revealed the details of the May 2020 security patch.
Along with Google security patches, Samsung provides 19 Samsung Vulnerabilities and Exposures (SVE) items, in order to improve customer’s confidence in the security of Samsung Mobile devices.
One UI 3.0: list of eligible Samsung devices that will get the Android 11
In the May 2020 security patch, the company fixed 9 critical vulnerabilities in the Android OS, along with several high and moderate-risk vulnerabilities.
Join our Samsung Channel on Telegram:
Issues fixed in the May 2020 security patch:
- A possible heap-based buffer overflow vulnerability in bootloader allows secure boot bypass. The patch adds proper validation to prevent buffer overflow.
- A possible memory overwrites vulnerability in Quram qmg library allows possible remote arbitrary code execution. The patch adds proper validation to prevent memory overwrite.
- A possible memory overwrites vulnerability in Quram imagecodec library allows arbitrary code execution. The patch adds proper validation to prevent memory overwrite.
- An invalid input check vulnerability in Gatekeeper trustlet allows the brute-forcing attack to user credential. The patch adds the proper input validation to prevent the brute-forcing attack.
- A vulnerability in selected Broadcom Bluetooth chipset uses PRNG with low entropy resulting in a possible spoofing attack.
The patch enables the use of HRNG within the Bluetooth chipset.
- A vulnerability allows access to clipboard information via USSD in the locked state. The patch blocks access clipboard contents in dialog on the Lockscreen.
- A possible heap overflow vulnerability exists in bootloader when handling specific commands. The patch adds proper validation to prevent buffer overflow.
- A vulnerability allows unauthorized change of preferred SIM card in a locked state. The patch blocks changing preferred SIM Card while in the locked state.
Note: Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.
Samsung Galaxy devices that have received the May 2020 security patch:
- Galaxy S20
- Galaxy S20+
- Galaxy S20 Ultra
- Galaxy Fold
- Galaxy Note 10
- Galaxy Note 10+
- Galaxy S10e
- Galaxy S10
- Galaxy S10+
- Galaxy S10 5G
- Galaxy A50
- Galaxy Z Flip