Key Points
- Samsung released May 2024 security patch details for Galaxy devices.
- The bulletin includes fixes for a total of 45 Vulnerability Exposures.
- May 2024 security update will fix 33 CVE and 12 SVE items.
- Samsung will begin the rollout of the May 2024 security patch for Galaxy devices soon.
Samsung today officially shared the details about the fixes and improvements that the May 2024 security patch will bring for Galaxy devices. However, the rollout of the May 2024 security update has not yet started for the eligible devices, we can expect its commencement soon.
According to Samsung’s Monthly Security Release bulletin, the May 2024 update will fix a total of 45 vulnerability exposures among which, 33 are from Google including 3 Critical, 26 High, and 1 Moderate level of CVE. While the patch also mentions fixes for 12 SVE items from One UI.
JOIN US ON TELEGRAM
Below you can check all the Common Vulnerability Exposures and Samsung Vulnerability Exposures that this May 2024 security patch resolves to reduce the risk of system crashes and data loss.
Samsung May 2024 Security Patch Details
Common Vulnerability Exposures (CVEs)
The May 2024 security patch will fix 33 common vulnerability exposures from Google including 3 critical, 26 High, and 1 Moderate level. Besides, 1 CVE item is already included in previous updates and 2 are not applicable to Samsung devices.
Critical
CVE-2023-28582, CVE-2024-23706, CVE-2024-23700
High
CVE-2024-0042, CVE-2024-20039, CVE-2024-20040, CVE-2024-21463, CVE-2023-33115, CVE-2023-33096, CVE-2023-33103, CVE-2023-33084, CVE-2023-33095, CVE-2023-33104, CVE-2023-33086, CVE-2023-33101, CVE-2023-33100, CVE-2023-33099, CVE-2024-21468, CVE-2024-21472, CVE-2024-0024, CVE-2024-0025, CVE-2024-23705, CVE-2024-23708, CVE-2024-0043, CVE-2024-23707, CVE-2024-23709, CVE-2024-23703, CVE-2024-23701, CVE-2024-23702
Moderate
CVE-2024-20021
Already included in previous updates
CVE-2023-32890
Not applicable to Samsung devices
CVE-2023-28547, CVE-2023-33023
Samsung Vulnerability Exposures (SVEs)
The May 2024 update fixes 12 Samsung Vulnerability Exposures from One UI which are related to bypass in setupwizard, multitasking framework, improper authentication in a secure folder, improper access control of FactoryCamera, and more.
SVE-2023-1778(CVE-2024-20866): Authentication bypass vulnerability in Setupwizard
SVE-2023-2193(CVE-2024-20855): Improper access control vulnerability in multitasking framework
SVE-2023-2265(CVE-2024-20856): Improper Authentication vulnerability in Secure Folder
SVE-2024-0041(CVE-2024-20857): Improper access control vulnerability in CocktailBarService
SVE-2024-0042(CVE-2024-20858): Improper access control vulnerability in CocktailBarService
SVE-2024-0070(CVE-2024-20859): Improper access control vulnerability in FactoryCamera
SVE-2024-0071(CVE-2024-20860): Improper export of android application components vulnerability in TelephonyUI
SVE-2024-0092(CVE-2024-20861): Use after free vulnerability in SveService
SVE-2024-0096(CVE-2024-20862): Out-of-bounds write in SveService
SVE-2024-0185(CVE-2024-20863): Improper input validation vulnerability in SNAP in HAL
SVE-2024-0234(CVE-2024-20865): Authentication bypass in bootloader
SVE-2024-0357(CVE-2024-20864): Improper access control vulnerability in DarManagerService
