Go straight to the menu Go straight to the text

Security Updates

Disclaimer

  • Please note that in some cases regular OS upgrades may cause delays to planned security updates. However, users can be rest assured the OS upgrades will include up-to-date security patches when delivered.
  • While we are doing our best to deliver the security patches as soon as possible to all applicable models, delivery time of security patches may vary depending on the regions and models.
  • Some patches to be received from chipset vendors (also known as Device Specific patches) may not be included in the security update package of the month. They will be included in upcoming security update packages as soon as the patches are ready to deliver.

Acknowledgements

Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.


Google patches include patches up to Android Security Bulletin – March 2021 package. The Bulletin (March 2021) contains the following CVE items:

Critical
CVE-2020-11170, CVE-2020-11163, CVE-2020-11272, CVE-2021-0397

High
CVE-2020-11271, CVE-2020-11282, CVE-2017-18509, CVE-2020-11286, CVE-2020-11177, CVE-2020-11187, CVE-2020-11253, CVE-2020-11281, CVE-2020-11296, CVE-2020-11269, CVE-2020-11275, CVE-2020-11280, CVE-2020-11287, CVE-2020-11276, CVE-2020-11270, CVE-2020-11297, CVE-2020-11278, CVE-2021-0395, CVE-2021-0391, CVE-2021-0398, CVE-2017-14491, CVE-2021-0393, CVE-2021-0396, CVE-2021-0390, CVE-2021-0392, CVE-2021-0394

Moderate
None

Already included in previous updates
CVE-2020-11180, CVE-2020-11277

Not applicable to Samsung devices
CVE-2020-11283


※ Please see Android Security Bulletin for detailed information on Google patches.


Along with Google patches, Samsung Mobile provides 19 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR March-2021 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.


SVE-2021-19153 (CVE-2021-25335): Hidden notification contents leak over the lockscreen

Severity: Low
Affected versions: Q(10.0) devices with ONEUI 2.5
Reported on: October 6, 2020
Disclosure status: Privately disclosed.
An improper lockscreen status check in cocktailbar service prior to SMR MAR-2021 Release 1 allows unauthenticated users to see hidden notification contents over the lockscreen in specific conditions.
The patch adds the proper lockscreen status check to prevent hidden notification contents leak.


SVE-2021-19527 (CVE-2021-25337): Arbitrary file read/write vulnerability via unprotected clipboard content provider

Severity: Moderate
Affected versions: P(9.0), Q(10.0), R(11.0) devices except ONEUI 3.1 in R(11.0)
Reported on: November 3, 2020
Disclosure status: Privately disclosed.
An improper access control in clipboard service prior to SMR MAR-2021 Release 1 allows untrusted applications to read or write arbitrary files in the device.
The patch adds the proper caller check to prevent improper access to clipboard service.


SVE-2021-19553 (CVE-2021-25336): Improper access control in NotificationManagerService

Severity: Moderate
Affected versions: P(9.0), Q(10.0)
Reported on: November 6, 2020
Disclosure status: Privately disclosed.
An improper access control in NotificationManagerService prior to SMR MAR-2021 Release 1 allows untrusted applications to acquire notification access.
The patch adds higher permission not to allow untrusted access to notification contents.


SVE-2021-19731 (CVE-2021-25339): EL2 memory can be corrupted with HArx HVC call

Severity: High
Affected versions: Q(10.0), R(11.0) devices with Exynos 9830 chipset
Reported on: November 24, 2020
Disclosure status: Privately disclosed.
An improper address validation in HArx prior to SMR MAR-2021 Release 1 allows EL2 memory corruption using compromised kernel.
The patch adds the proper address validation in HArx to prevent EL2 memory corruption.


SVE-2021-19759 (CVE-2021-25338): RKP region list is writable by EL1

Severity: High
Affected versions: Q(10.0), R(11.0) devices with Exynos 9830 chipset
Reported on: November 25, 2020
Disclosure status: Privately disclosed.
An improper memory access control in RKP prior to SMR MAR-2021 Release 1 allows attackers to write some part of RKP EL2 memory region using compromised kernel.
The patch adds the proper memory access control in RKP to make EL2 memory region inaccessible.


SVE-2021-19945 (CVE-2021-25344): Serial number leak

Severity: High
Affected versions: Q(10.0), R(11.0)
Reported on: December 15, 2020
Disclosure status: Privately disclosed.
Missing permission check in knox_custom service prior to SMR Mar-2021 Release 1 allows attackers to get device’s serial number without permission.
The patch adds proper permission check on the API to get serial number.


SVE-2021-20009 (CVE-2021-25345): Kernel panic by graphic format mismatch

Severity: Low
Affected versions: Q(10.0), R(11.0) devices with Exynos chipsets
Reported on: December 21, 2020
Disclosure status: Privately disclosed.
Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format.
The patch addressed the issue.

Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.


Acknowledgements
We truly appreciate the following researchers for helping Samsung to improve the security of our products.

GSerg: SVE-2021-19153
Shaechi Security Lab: SVE-2021-19527
Ryan Johnson: SVE-2021-19553
Aleksandr Tarasikov: SVE-2021-19731, SVE-2021-19759
Xia Guangshuai & Zhang Qing of ByteDance, Bai Guangdong of The University of Queensland: SVE-2021-19945
Ben Toson: SVE-2021-20009
Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.


Google patches include patches up to Android Security Bulletin – February 2021 package. The Bulletin (February 2021) contains the following CVE items:

Critical
CVE-2021-0325(O8.1, P9), CVE-2021-0326, CVE-2020-11182, CVE-2020-11134

High
CVE-2021-0325(Q10, R11), CVE-2020-10732, CVE-2020-11126, CVE-2020-11159, CVE-2020-11233, CVE-2020-11235, CVE-2020-11238, CVE-2020-11239, CVE-2020-11240, CVE-2020-11241, CVE-2020-11250, CVE-2020-11261, CVE-2020-11262, CVE-2021-0301, CVE-2021-0302, CVE-2021-0305, CVE-2021-0314, CVE-2021-0327, CVE-2021-0328, CVE-2021-0329, CVE-2021-0330, CVE-2021-0331, CVE-2021-0332, CVE-2021-0333, CVE-2021-0334, CVE-2021-0335, CVE-2021-0336, CVE-2021-0337, CVE-2021-0338, CVE-2021-0339, CVE-2021-0340, CVE-2021-0341

Moderate
None

Already included in previous updates
CVE-2020-11181, CVE-2020-11260

Not applicable to Samsung devices
CVE-2020-10767, CVE-2020-10766


※ Please see Android Security Bulletin for detailed information on Google patches.


Along with Google patches, Samsung Mobile provides 11 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR February-2021 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.


SVE-2021-18243 (CVE-2021-25340): Arbitrary Settings change using Samsung keyboard

Severity: Moderate
Affected Versions: Q(10.0)
Reported on: July 06, 2020
Disclosure status: Privately disclosed.
Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows arbitrary change in Settings during Initialization State.
The patch adds proper access control for additional functions of Samsung keyboard.


SVE-2021-19221 (CVE-2021-25334): Local permanent DoS vulnerability in wallpaper service

Severity: High
Affected versions: P(9.0), Q(10.0) , R(11.0)
Reported on: October 12, 2020
Disclosure status: Privately disclosed.
An improper input check in wallpaper service prior to SMR Feb-2021 Release 1 results in permanent denial of service from using the device.
The patch adds the proper input validation to prevent local permanent denial of service.


SVE-2021-19482: Address leakage vulnerability in libhwui library

Severity: Low
Affected versions: Q(10.0) , R(11.0)
Reported on: October 31, 2020
Disclosure status: Privately disclosed.
Unnecessary logs in libhwui library version prior to SMR Feb-2021 Release 1 allows leakage of object address.
The patch fixes incorrect implementation of address logging.


SVE-2021-19507 (CVE-2021-25330): Possible access to non-existent provider

Severity: Moderate
Affected versions: Select Q(10.0) devices
Reported on: November 3, 2020
Disclosure status: Privately disclosed.
Calling of non-existent provider in MobileWips application prior to SMR Feb-2021 Release 1 allows unauthorized actions including denial of service attack by hijacking the provider.
The patch blocks access to MobileWips content provider in case MobileWips is not supported.


SVE-2021-19528 (CVE-2021-25347): Hijacking vulnerability in Samsung Email

Severity: Low
Affected versions: P(9.0), Q(10.0), R(11.0)
Reported on: November 03, 2020
Disclosure status: Privately disclosed.
Hijacking vulnerability in Samsung Email application version prior to SMR Feb-2021 Release 1 allows attackers to intercept when the provider is executed.
The patch adds the proper signature check for Samsung Email.

Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.


Acknowledgements
We truly appreciate the following researchers for helping Samsung to improve the security of our products.

조승현: SVE-2021-18243
Yunxuan Qu and Zhenjiang Zhao @ Panguite Forensics Lab of Qianxin: SVE-2021-19482
Zhongquan Li @ Xiaomi AIoT Security Lab: SVE-2021-19221, SVE-2021-19507, SVE-2021-19528
Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.


Google patches include patches up to Android Security Bulletin – January 2021 package. The Bulletin (January 2021) contains the following CVE items:

Critical
CVE-2020-0457

High
CVE-2020-0466, CVE-2020-0465, CVE-2020-0444, CVE-2020-0455, CVE-2020-0456, CVE-2020-11138, CVE-2020-11139, CVE-2020-3685, CVE-2020-11143, CVE-2020-11136, CVE-2020-11137, CVE-2020-3691, CVE-2020-3686, CVE-2020-11140, CVE-2020-11179, CVE-2020-11146, CVE-2020-11145, CVE-2020-11144, CVE-2020-11200, CVE-2020-11214, CVE-2020-11215, CVE-2020-11212, CVE-2020-11213, CVE-2020-11119, CVE-2020-11225, CVE-2021-0313, CVE-2021-0303, CVE-2021-0306, CVE-2021-0307, CVE-2021-0310, CVE-2021-0315, CVE-2021-0317, CVE-2021-0318, CVE-2021-0319, CVE-2021-0304, CVE-2021-0309, CVE-2021-0321, CVE-2021-0322, CVE-2019-9376, CVE-2020-15999, CVE-2016-6328, CVE-2021-0311, CVE-2021-0312, CVE-2021-0316, CVE-2020-0471, CVE-2021-0308, CVE-2021-0320

Moderate
None

Already included in previous updates
CVE-2020-11167, CVE-2020-11185

Not applicable to Samsung devices
CVE-2020-11217, CVE-2020-11197, CVE-2020-0016, CVE-2020-0019, CVE-2020-11216


※ Please see Android Security Bulletin for detailed information on Google patches.


Along with Google patches, Samsung Mobile provides 9 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR January-2021 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.


SVE-2020-18731: Buffer overflow in bluetooth UART driver

Severity: Moderate
Affected versions: Selected O(8.x), P(9.0), Q(10.0) devices using Broadcom bluetooth chipsets
Reported on: August 19, 2020
Disclosure status: Privately disclosed.
A possible buffer overflow exists in selected broadcom bluetooth UART driver.
The patch adds proper validation of the buffer length.


SVE-2020-18811 (CVE-2021-25346): Memory corruption in quram library with decoding dng

Severity: High
Affected versions: O(8.x), P(9.0), Q(10.0) devices
Reported on: September 6, 2020
Disclosure status: Privately disclosed.
A possible arbitrary memory overwrite vulnerabilities in quram library allow arbitrary code execution.
The patches add the proper validation of the buffer length.


SVE-2020-19174: Out of bounds access vulnerability in mail GPU driver

Severity: Moderate
Affected versions: O(8.x), P(9.0), Q(10.0), R(11.0) devices with Exynos chipsets
Reported on: October 7, 2020
Disclosure status: Privately disclosed.
An improper boundary check in mali GPU driver allows out of bounds memory access resulting in device reset.
The patch adds proper boundary check code to prevent out of bounds access.

Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.


Acknowledgements
We truly appreciate the following researchers for helping Samsung to improve the security of our products.

Jiska Classen: SVE-2020-18731
Anonymous: SVE-2020-18811
9462ACEE94608EA1643688D026AA95DD: SVE-2020-19174