Samsung September 2022 security patch details released

Samsung September 2022 patch details

Yesterday, Samsung started to roll out the September 2022 Android security patch updates to its eligible Galaxy devices and now it has officially released the September 2022 patch details, revealing all the bugs and issues that have been fixed.

According to the official information, this month’s patch fixes dozens of privacy and security-related vulnerabilities and exposures found in Galaxy smartphones. The details also mention some Google-offered bug fixes that were already released by Samsung last month.

JOIN SAMSUNG ON TELEGRAM

Furthermore, the Samsung September 2022 security patch details include 21 high levels and 3 moderate levels of CVEs. Meanwhile, the list does not mention any critical level of CVE whereas, the 4 noted are not applicable for Galaxy devices.

On the other flip, Samsung also reveals 29 One UI SVE items in order to provide users with a seamless performance of their Galaxy smartphone or tablet. Below you can check the complete details of Samsung’s September 2022 security patch.

Samsung September 2022 patch details

September SMR CVE Items:

Critical

  • None

High

  • CVE-2021-39815, CVE-2022-20122, CVE-2021-0947, CVE-2021-0946, CVE-2021-0698, CVE-2021-0887, CVE-2021-0891, CVE-2021-30259, CVE-2022-22062, CVE-2022-22070, CVE-2022-22067, CVE-2022-22822, CVE-2022-23852, CVE-2022-23990, CVE-2022-25314, CVE-2022-20218, CVE-2022-20392, CVE-2022-20393, CVE-2022-20395, CVE-2022-20398, CVE-2022-20396

Moderate

  • CVE-2022-20197, CVE-2020-0500, CVE-2020-0293

Already included in previous updates

  • CVE-2022-22080, CVE-2022-20239

Not applicable to Samsung devices

  • CVE-2022-22061, CVE-2022-22069, CVE-2022-22059, CVE-2022-25668

September SMR SVE Items:

SVE-2022-1254(CVE-2022-36847):

  • Use after free vulnerability in mtp_send_signal function of MTP driver

SVE-2022-1249(CVE-2022-36849):

  • Use after free vulnerability in sdp_mm_set_process_sensitive function of sdpmm driver

SVE-2022-1086(CVE-2022-36845), SVE-2022-1083(CVE-2022-36841), SVE-2022-1082(CVE-2022-36844), SVE-2022-1081(CVE-2022-36843), SVE-2022-1080(CVE-2022-36860), SVE-2022-1079(CVE-2022-36863), SVE-2022-1077(CVE-2022-36862), SVE-2022-1076(CVE-2022-36842), SVE-2022-1075(CVE-2022-36846), SVE-2022-1074(CVE-2022-36858)

  • A heap-based overflow vulnerability in libSDKRecognitionText.spensdk.samsung.so library

SVE-2022-1037(CVE-2022-36854):

  • Out of bound read in libapexjni.media.samsung.so

SVE-2022-0934(CVE-2022-36848):

  • Improper Authorization vulnerability in setDualDARPolicyCmd

SVE-2022-0899(CVE-2022-36852):

  • Improper Authorization vulnerability in Video Editor

SVE-2022-0853(CVE-2022-36861):

  • Custom permission misuse in SystemUI

SVE-2022-0815(CVE-2022-36853):

  • Intent redirection in Photo Editor

SVE-2022-0803(CVE-2022-36856):

  • Improper access control vulnerability in Telecom application

SVE-2022-0706(CVE-2022-36857):

  • Improper Authorization vulnerability in Photo Editor

SVE-2022-0702(CVE-2022-36850):

  • Path traversal vulnerability in CallBGProvider

SVE-2022-0619(CVE-2022-36855):

  • Use After Free vulnerability in iva_ctl driver

Source

I am writing about the latest news related to Samsung Electronics.
adbanner