Samsung Android Security Update for the month of April

21 April, 2016 Samsung


Samsung's security update for April has been released and is available for most major flagships as part of Samsung's monthly Security Maintenance Release (SMR). As always, the package contains security patches from both Samsung and Google. The SMR includes all 41 fixes from Google, covering the following 35 CVE items:


CVE-2016-1503(C), CVE-2014-6060(C), CVE-2016-0835(C), CVE-2016-0836(C), CVE-2016-0837(C), CVE-2016-0838(C), CVE-2016-0839(C), CVE-2016-0840(C), CVE-2016-0841(C), CVE-2016-0842(C), CVE-2016-0846(H), CVE-2016-0847(H), CVE-2016-0848(H), CVE-2016-0849(H), CVE-2016-0850(H), CVE-2016-2412(H), CVE-2016-2413(H), CVE-2016-2414(H), CVE-2016-2415(H), CVE-2016-2416(H), CVE-2016-2417(H), CVE-2016-2418(H), CVE-2016-2419(H), CVE-2016-2420(M), CVE-2016-2421(M), CVE-2016-2422(M), CVE-2016-2423(M), CVE-2016-2424(M), CVE-2016-2425(M), CVE-2016-2426(M), CVE-2016-2427(M), CVE-2016-1621(C), CVE-2016-0832(M), CVE-2016-0805(C), and CVE-2016-0806(C).


Index: (C) - Critical severity, (H) - High severity, (M) - Moderate severity, and (L) - Low severity.


The main Samsung Vulnerabilities and Exposures (SVE) addressed in the SMR for April are as follows:


SVE-2016-5393: ACIPC-MSOCKET driver local privilege escalation vulnerability (Critical)


The vulnerability allowed an attacker to cause a stack overflow and, in the process, escalate privileges. It has been fixed by correcting the code and by restricting access to the file itself. This critical vulnerability affected Marvell chipsets running JBP (4.2) and KK (4.4).


SVE-2016-5534: Non-existent notification listener app vulnerability (High)


The issue affected the Galaxy S6 Edge: any app with a certain component name could receive notifications, irrespective of whether the actual application was installed or not. It has been fixed by removing the component completely from the enabled notification listeners.


SVE-2016-5544: Clipboard vulnerability (Medium)


Any device using the Samsung clipboard was susceptible. The flaw made it possible to create a race condition that allowed access to Secure World clipboard user data from the Normal World. It has been fixed by introducing synchronization points that eliminate any chance of creating the race condition.


There are a few others, but they are undisclosed at the moment for security reasons.

