Go straight to the menu Go straight to the text

Android Security Updates

Disclaimer

  • Please note that in some cases regular OS upgrades may cause delays to planned security updates. However, users can be rest assured the OS upgrades will include up-to-date security patches when delivered.
  • While we are doing our best to deliver the security patches as soon as possible to all applicable models, delivery time of security patches may vary depending on the regions and models.
  • Some patches to be received from chipset vendors (also known as Device Specific patches) may not be included in the security update package of the month. They will be included in upcoming security update packages as soon as the patches are ready to deliver.

Acknowledgements

Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.


Google patches include patches up to Android Security Bulletin - May 2019 package. The Bulletin (May 2019) contains the following CVE items:

Critical
CVE-2018-13886, CVE-2018-11271, CVE-2018-11940, CVE-2019-2044, CVE-2019-2045, CVE-2019-2046, CVE-2019-2047

High
CVE-2018-11299, CVE-2018-11828, CVE-2018-11870, CVE-2018-11859, CVE-2018-11872, CVE-2018-11884, CVE-2018-11873, CVE-2018-11853, CVE-2018-11871, CVE-2018-11880, CVE-2018-11822, CVE-2018-11861, CVE-2018-11877, CVE-2018-11850, CVE-2018-11849, CVE-2018-11874, CVE-2018-11821, CVE-2018-11875, CVE-2018-11856, CVE-2018-11867, CVE-2018-11882, CVE-2018-11854, CVE-2018-11862, CVE-2018-11904(A-111125111, A-111126462, A-111126531, A-111127063, A-111127792, A-111127854, A-111127907, A-111127908, A-111127947, A-111127970, A-111127971, A-111127985, A-111127986, A-111127988, A-111128007, A-111128243, A-111128419, A-111128479, A-111128619, A-111128638, A-111128639, A-111128836, A-111128839, A-111128875, A-111129383), CVE-2018-11851, CVE-2018-11840, CVE-2018-11902, CVE-2018-11826, CVE-2018-11894, CVE-2018-11860, CVE-2018-11868, CVE-2018-11827, CVE-2018-11891, CVE-2018-11869, CVE-2018-11897, CVE-2018-11895, CVE-2018-11923, CVE-2018-11927, CVE-2018-11953, CVE-2018-11937, CVE-2018-11925, CVE-2018-11924, CVE-2018-11949, CVE-2018-11930, CVE-2018-11928, CVE-2018-11968, CVE-2018-12005, CVE-2018-13885, CVE-2018-11967(A-119052960), CVE-2017-17772, CVE-2018-5855, CVE-2019-2041, CVE-2019-2049, CVE-2019-2050, CVE-2019-2051, CVE-2019-2052, CVE-2019-2053

Moderate
CVE-2018-11819, CVE-2016-2428, CVE-2019-2043

Already included in previous updates
CVE-2018-12004, CVE-2018-11976, CVE-2018-12013, CVE-2018-12012, CVE-2018-13887, CVE-2018-11294, CVE-2018-11876, CVE-2018-11967(A-119049704), CVE-2018-13920

Not applicable to Samsung devices
CVE-2019-2250, CVE-2018-11291, CVE-2018-11879, CVE-2018-11904(A-111125545, A-111127791, A-111127873, A-111127906, A-111127909, A-111127972, A-111127987, A-111128008, A-111128009, A-111128242, A-111128245, A-111128576, A-111128577, A-111128616, A-111128617, A-111128636, A-111128796, A-111128835, A-111128837, A-111129693), CVE-2018-11889, CVE-2018-11878, CVE-2018-11905, CVE-2018-11936, CVE-2018-13925, CVE-2019-2244, CVE-2018-13895, CVE-2019-2245


※ Please see Android Security Bulletin for detailed information on Google patches.


Along with Google patches, Samsung Mobile provides 21 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR May-2019 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.


SVE-2018-12896, SVE-2018-12897: Keyboard learned words and clipboard contents are leaked on the lock screen via Bixby

Severity: Moderate
Affected Versions: Selected O(8.x) devices
Reported on: September 26, 2018
Disclosure status: Privately disclosed.
This vulnerability allows access to keyboard learned words and clipboard contents via Bixby.
The patch removes options for showing learned words and editing text from the keyboard while the devices are locked.


SVE-2018-13326: Vulnerability of secured notifications when using Voice Assistant

Severity: High
Affected Versions: N(7.x), O(8.x), P(9.0) devices
Reported on: October 25, 2018
Disclosure status: Privately disclosed.
When the voice assistant is turned on, the secured app’s notification content becomes audible outside of container.
The patch modifies the voice assistant not to notify the secured app’s notifications.


SVE-2019-13958: Information disclosure in GateKeeper Trustlet

Severity: High
Affected Versions: P(9.0) devices with Exynos chipsets
Reported on: February 6, 2019
Disclosure status: Privately disclosed.
An invalid input check vulnerability in Gatekeeper Trustlet allows information disclosure, and it can lead to memory leak.
The patch adds the proper input validation in Gatekeeper Trustlet.


SVE-2019-13921-1: A use-after-free vulnerability exists within the MALI GPU driver

Severity: High
Affected Versions: O(8.0), P(9.0) devices with Exynos8890 chipset
Reported on: January 31, 2019
Disclosure status: Privately disclosed.
A vulnerability in MALI GPU driver allows arbitrary kernel read/write.
The patch removes vulnerable logic in MALI GPU driver.


SVE-2019-13921-2: RKP Memory Corruption

Severity: High
Affected Versions: N(7.x), O(8.x), P(9.0) devices with Exynos7570, 7580, 7870, 7880, 8890 chipsets
Reported on: January 31, 2019
Disclosure status: Privately disclosed.
A vulnerability in RKP allows arbitrary write to protected memory.
The patch fixes memory mapping logic in RKP.


SVE-2019-13949: NULL dereference in Authnr Trustlet

Severity: Low
Affected Versions: N(7.x), O(8.0), P(9.0) devices with Qualcomm chipsets
Reported on: February 4, 2019
Disclosure status: Privately disclosed.
An invalid input check vulnerability in Authnr Trustlet allows null pointer dereference leading to a possible crash.
The patch adds the proper input validation in Authnr Trustlet.


SVE-2019-13950: NULL dereference in ESECOMM Trustlet

Severity: Low
Affected Versions: N(7.x), O(8.0), P(9.0) devices with Qualcomm chipsets
Reported on: February 4, 2019
Disclosure status: Privately disclosed.
An invalid input check vulnerability in ESECOMM Trustlet allows null pointer dereference leading to a possible crash.
The patch adds the proper input validation in ESECOMM Trustlet.


SVE-2019-13952: Integer Underflow in Secure Storage Trustlet

Severity: High
Affected Versions: O(8.x), P(9.0) devices with Qualcomm(MSM8998, SDM845, SM8150) chipsets
Reported on: February 4, 2019
Disclosure status: Privately disclosed.
An invalid input check vulnerability exists in Secure Storage Trustlet.
The patch adds the proper input validation in Secure Storage Trustlet.


SVE-2019-14008: Security issue in Secure Folder

Severity: Moderate
Affected Versions: O(8.x), P(9.0) devices
Reported on: February 11, 2019
Disclosure status: Privately disclosed.
A vulnerability allows access to Secure folder without authentication via adb command.
The patch blocks access to Secure folder via adb command while Secure folder is locked.


SVE-2019-14031: Gallery Security Issue

Severity: Low
Affected Versions: O(8.x) devices
Reported on: February 23, 2019
Disclosure status: Privately disclosed.
A vulnerability disables Gallery application permanently.
The patch addresses the issue.


SVE-2019-14071: Remote memory overflow in Shannon modem

Severity: Critical
Affected Versions: N(7.x), O(8.x), P(9.0) devices with Exynos chipsets
Reported on: March 2, 2019
Disclosure status: Privately disclosed.
A heap overflow vulnerability in baseband can lead to memory issues.
The patch adds length check code in the baseband code.


SVE-2019-14073: Potential Phishing Flow in OMACP

Severity: High
Affected Versions: All devices with all OS versions
Reported on: March 4, 2019
Disclosure status: Privately disclosed.
A vulnerability in OMACP application allows attackers to send manipulated OMCP message to change the network and internet settings in the device via phishing campaigns.
The patch blocks devices from receiving insecure OMACP message.


SVE-2019-14126: Heap overflow in the keymaster Trustlet

Severity: Critical
Affected Versions: N(7.x) O(8.x) P(9.0) devices with MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, Exynos8895 chipset
Reported on: March 13, 2019
Disclosure status: Privately disclosed.
A heap overflow in the keymaster Trustlet allows attackers to write memory in TEE, and it can lead to arbitrary code execution in a privileged process.
The patch adds boundary checks in Keymaster Trustlet.

Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.


Acknowledgements
We truly appreciate the following researchers for helping Samsung to improve the security of our products.
- Bogdan: SVE-2018-12896, SVE-2018-12897
- Aleksandr Ruiz: SVE-2018-13326
- Andrei Akimov of Digital Security: SVE-2019-13958, SVE-2019-14126
- Gruskovnjak Jordan: SVE-2019-13921
- Slava Makkaveev of Check Point: SVE-2019-13949, SVE-2019-13950, SVE-2019-13952 
- Zero Day Initiative: SVE-2019-14008
- Julian Jackson: SVE-2019-14031
- Artyom Skrobov of Check Point: SVE-2019-14073
Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.


Google patches include patches up to Android Security Bulletin - Apr 2019 package. The Bulletin (Apr 2019) contains the following CVE items:

Critical
CVE-2018-11817, CVE-2018-11958, CVE-2019-2027, CVE-2019-2028, CVE-2019-2029

High
CVE-2018-11970, CVE-2018-11966, CVE-2018-11971, CVE-2018-10879, CVE-2019-2025, CVE-2018-10883, CVE-2018-13899, CVE-2018-13917, CVE-2019-2023, CVE-2019-2003, CVE-2019-2026, CVE-2019-2030, CVE-2019-2031, CVE-2019-2032, CVE-2019-2033, CVE-2019-2034, CVE-2019-2035, CVE-2019-2037, CVE-2019-2038, CVE-2019-2039, CVE-2019-2040

Moderate
None

Already included in previous updates
CVE-2018-13918, CVE-2017-8252(A-79419898, A-79420414)

Not applicable to Samsung devices
CVE-2019-2024, CVE-2017-8252(A-112277630, A-112279542, A-114041175)


※ Please see Android Security Bulletin for detailed information on Google patches.


Along with Google patches, Samsung Mobile provides 15 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Apr-2019 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.


SVE-2018-13164, SVE-2018-13156: Change of protected features without authentication via Emergency mode

Severity: Moderate
Affected Versions: N(7.x), O(8.x), P(9.0) devices
Reported on: October 9, 2018
Disclosure status: Privately disclosed.
Improper startup procedure in Emergency mode allows unauthorized users to accept Emergency mode EULA instead of the device owner and disable some protected features without any prior authentication.
The patch adds authentication procedure before it starts Emergency mode.


SVE-2019-13899: Smartwatch bug

Severity: High
Affected Versions: P(9.0) devices
Reported on: January 25, 2019
Disclosure status: Privately disclosed.
A vulnerability in Secure Folder allows to show the Secure Folder notification content in smartwatch.
The patch adds the notification ID check and reject if it comes from Secure Folder.


SVE-2019-13910: Arbitrary code execution in Trustlet

Severity: Critical
Affected Versions: N(7.X), O(8.X) devices with Exynos 7570, 7870, 7880, 7885, 8890, 8895, 9810 chipsets
Reported on: January 29, 2019
Disclosure status: Privately disclosed.
Double-fetch vulnerability in Trustlet allows arbitrary code execution in the TEE.
The patch addresses the double-fetch vulnerability in the Trustlet.


SVE-2019-13963: Stack overflow in Baseband

Severity: Critical
Affected Versions: N(7.x), O(8.x), Go(8.1), P(9.0), Go(9.0) devices with Exynos chipsets
Reported on: February 5, 2019
Disclosure status: Privately disclosed.
A stack overflow vulnerability in baseband allows arbitrary code execution.
The patch adds length check code in the baseband code.

Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.


Acknowledgements
We truly appreciate the following researchers for helping Samsung to improve the security of our products.
- Andr. Ess : SVE-2018-13164, SVE-2018-13156
- Bogdan: SVE-2019-13899
- Eloi Sanfelix : SVE-2019-13910
Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.


Google patches include patches up to Android Security Bulletin - Mar 2019 package. The Bulletin (Mar 2019) contains the following CVE items:

Critical
CVE-2018-11262, CVE-2018-11289, CVE-2018-11820, CVE-2018-11938, CVE-2018-11945, CVE-2019-1989, CVE-2019-1990, CVE-2019-2009

High
CVE-2018-10879, CVE-2019-1999, CVE-2019-2000, CVE-2019-2001, CVE-2018-11280, CVE-2018-13900, CVE-2018-13905, CVE-2018-11268, CVE-2018-11845, CVE-2018-11864, CVE-2018-11921, CVE-2018-11931, CVE-2018-11932, CVE-2018-11935, CVE-2018-11948, CVE-2018-5839, CVE-2018-13904, CVE-2018-20346, CVE-2019-1985, CVE-2019-2004, CVE-2019-2006, CVE-2019-2007, CVE-2019-2008, CVE-2019-2010, CVE-2019-2011, CVE-2019-2012, CVE-2019-2013, CVE-2019-2014, CVE-2019-2015, CVE-2019-2016, CVE-2019-2017, CVE-2019-2018, CVE-2018-9561, CVE-2018-9563, CVE-2018-9564, CVE-2019-2019, CVE-2019-2020, CVE-2019-2021, CVE-2019-2022

Moderate
CVE-2019-2005

Already included in previous updates
None

Not applicable to Samsung devices
CVE-2018-6271, CVE-2018-6267, CVE-2018-6268, CVE-2016-6684, CVE-2018-11275


※ Please see Android Security Bulletin for detailed information on Google patches.


Along with Google patches, Samsung Mobile provides 11 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Mar-2019 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.


SVE-2018-13162: TCP SYN Packet Denial of Service Vulnerability on the WIFI interface

Severity: High
Affected Versions: N(7.x), O(8.x) devices with Broadcom WIFI and SEC WIFI chipsets
Reported on: October 9, 2018
Disclosure status: Privately disclosed.
A vulnerability in WIFI allows denial of service due to memory exhaustion from TCP SYN flooding attack.
The patch prevents memory exhaustion when TCP SYN flooding attack is detected.


SVE-2018-13452: Time based SQL injection in Contacts

Severity: High
Affected versions: N(7.x), O(8.x) devices
Reported on: November 11, 2018
Disclosure status: Privately disclosed.
A possible time-based SQL injection vulnerability in Contacts application allows unauthorized access to contact information.
The patch adds placeholder to prevent SQL injection in Contacts application.


SVE-2018-13453: Unauthorized access to sensitive information in Allshare

Severity: High
Affected Versions: N(7.x), O(8.x), P(9.0) devices
Reported on: November 11, 2018
Disclosure status: Privately disclosed.
A vulnerability in Allshare fileshare service allows unauthorized access to device sensitive information.
The patch modifies the storage path of device information to sandboxed area for protection.


SVE-2018-13467: Heap Overflow in Baseband(SS ASN Decoding)

Severity: Critical
Affected versions: O(8.x) devices with Exynos chipsets
Reported on: November 13, 2018
Disclosure status: Privately disclosed.
A possible heap overflow vulnerability in baseband allows arbitrary code execution.
The patch adds length check code in the baseband.


SVE-2018-13547: FRP bypass using SVoice T&C

Severity: Low
Affected Versions: N(7.x), O(8.x) devices
Reported on: November 21, 2018
Disclosure status: Privately disclosed.
External link exposure in SVoice T&C allows Factory Reset Protection (FRP) bypass.
The patch prevents access to the specific link by removing the URL in T&C.


SVE-2018-13563: Leakage of private mode content’s thumbnail

Severity: Moderate
Affected versions: Selected N(7.x), O(8.x) devices which supports Private Mode
Reported on: November 27, 2018
Disclosure status: Privately disclosed.
A vulnerability in Gallery leaks Private Mode thumbnail contents.
The patch modifies handling of cache file to disabled access to Private Mode.


SVE-2018-13764: Preview exposure of Secure Folder

Severity: Moderate
Affected versions: P(9.0) devices
Reported on: December 28, 2018
Disclosure status: Privately disclosed.
A vulnerability in Secure Folder allows exposure of preview in recent apps.
The patch fixes Secure Folder to protect preview in recent apps.


SVE-2018-13765: Unpinning of app without authentication

Severity: Moderate
Affected versions: P(9.0) devices
Reported on: December 28, 2018
Disclosure status: Privately disclosed.
A vulnerability in Pin Window feature allows unpinning of app without authentication.
The patch fixes Pin Window to enforce authentication when unpinning app.


SVE-2019-13773: Secure startup bug

Severity: Moderate
Affected versions: P(9.0) devices
Reported on: January 3, 2019
Disclosure status: Privately disclosed.
A vulnerability in Secure Startup feature allows exposure of keyboard suggested words.
The patch blocks Samsung Keyboard from showing suggested words in the Secure Startup.


SVE-2019-13814, SVE-2019-13815: Security setting modifications without authentication

Severity: High
Affected versions: P(9.0) devices
Reported on: January 12, 2019
Disclosure status: Privately disclosed.
A vulnerability in Settings allows security settings modifications without authentication via certain unprivileged activities.
The patch fixes Settings to protect component from unprivileged activities.

Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.


Acknowledgements
We truly appreciate the following researchers for helping Samsung to improve the security of our products.

- Jelmer de Hen: SVE-2018-13452
- Pholwongsa, Voottisak: SVE-2018-13547
- Andr. Ess: SVE-2018-13453, SVE-2018-13563
- Bogdan: SVE-2018-13764, SVE-2018-13765, SVE-2019-13773, SVE-2019-13814, SVE-2019-13815
- Pierre Barre and Chaouki Kasmi from DarkMatter: SVE-2018-13162
- Fluoroacetate working with Zero Day Initiative: SVE-2018-13467
Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.


Google patches include patches up to Android Security Bulletin - Feb 2019 package. The Bulletin (Feb 2019) contains the following CVE items:

Critical
CVE-2019-1986, CVE-2019-1987, CVE-2019-1988, CVE-2019-1991, CVE-2019-1992

High
CVE-2018-13405, CVE-2018-10876, CVE-2018-10877, CVE-2018-10882, CVE-2018-18281, CVE-2018-12014, CVE-2017-17760, CVE-2018-5268, CVE-2018-5269, CVE-2019-1993, CVE-2019-1994, CVE-2019-1996, CVE-2019-1997, CVE-2019-1998

Moderate
CVE-2017-18009

Already included in previous updates
CVE-2018-11847, CVE-2018-17182, CVE-2018-11888, CVE-2018-11962, CVE-2018-13889

Not applicable to Samsung devices
CVE-2018-10880, CVE-2018-6241, CVE-2018-13888, CVE-2019-1995


※ Please see Android Security Bulletin for detailed information on Google patches.


Along with Google patches, Samsung Mobile provides 12 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Feb-2019 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.


SVE-2018-13187: Heap overflow in Baseband

Severity: Critical
Affected Versions: N(7.x), O(8.x), P(9.0) devices with Exynos chipsets
Reported on: October 15, 2018
Disclosure status: Privately disclosed.
A possible heap overflow vulnerability in baseband may cause memory issues.
The patch adds length check code in the baseband.


SVE-2018-13188: Stack overflow in Baseband

Severity: Critical
Affected versions: N(7.x), O(8.x), P(9.0) devices with Exynos chipsets
Reported on: October 15, 2018
Disclosure status: Privately disclosed.
A possible stack overflow vulnerability in baseband allows arbitrary code execution.
The patch adds length check code in the baseband.


SVE-2018-13060: Possible uninitialized memory disclosure in Gallery

Severity: Low
Affected Versions: N(7.1), O(8.x), P(9.0) devices
Reported on: September 26, 2018
Disclosure status: Privately disclosed.
A vulnerability in the library that parses the images exposes memory when opening images via Gallery app.
The patch addresses the memory exposure in Gallery app.


SVE-2018-12981: Keyboard learned words are leaked on the lock screen via S-Voice

Severity: Moderate
Affected versions: N(7.x), O(8.x) devices
Reported on: September 9, 2018
Disclosure status: Privately disclosed.
A vulnerability in Keyboard allows access to learned words via S-Voice in the locked state.
The patch blocks access to Keyboard’s learned words in the lock screen.


SVE-2018-13427: Information disclosure in the ion debugfs driver

Severity: Low
Affected Versions: N(7.1), O(8.x) devices with Exynos chipsets
Reported on: November 5, 2018
Disclosure status: Privately disclosed.
A possible information leak vulnerability exists in the ion debugfs driver.
The patch prevents output of kernel driver in the kernel log.

Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.


Acknowledgements
We truly appreciate the following researchers for helping Samsung to improve the security of our products.

- Belchenko Artem: SVE-2018-13060
- Bogdan: SVE-2018-12981
- Jianqiang Zhao: SVE-2018-13427
Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.


Google patches include patches up to Android Security Bulletin - Jan 2019 package. The Bulletin (Jan 2019) contains the following CVE items:

Critical
CVE-2018-11279, CVE-2017-8248, CVE-2018-9583

High
CVE-2017-18160, CVE-2018-9568, CVE-2018-11963,CVE-2018-11960, CVE-2018-9565, CVE-2017-18329, CVE-2017-18326, CVE-2017-18321,CVE-2017-18323,CVE-2017-18324,CVE-2017-18332,CVE-2017-18319,CVE-2017-18322,CVE-2017-18328, CVE-2018-5915,CVE-2018-9582,CVE-2018-9584,CVE-2018-9585,CVE-2018-9586,CVE-2018-9587,CVE-2018-9588,CVE-2018-9589,CVE-2018-9590,CVE-2018-9591,CVE-2018-9592,CVE-2018-9593,CVE-2018-9594

Moderate
None

Already included in previous updates
CVE-2018-11267, CVE-2018-11961, CVE-2018-10840, CVE-2018-5869, CVE-2017-18320, CVE-2017-11004, CVE-2017-18141, CVE-2017-8276, CVE-2018-3595, CVE-2017-18330, CVE-2018-11999, CVE-2018-5868, CVE-2018-5867, CVE-2017-18331, CVE-2017-18327, CVE-2017-5754, CVE-2018-5913

Not applicable to Samsung devices
CVE-2018-11922, CVE-2018-9567


※ Please see Android Security Bulletin for detailed information on Google patches.


Along with Google patches, Samsung Mobile provides 4 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Jan-2019 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.


SVE-2018-13162: TCP SYN Packet Denial Of Service Vulnerability on the WIFI interface

Severity: High
Affected Versions: N(7.0), O(8.x) devices with Exynos9810 chipset
Reported on: October 9, 2018
Disclosure status: Privately disclosed.
A vulnerability in WIFI allows denial of service due to memory exhaustion from TCP SYN flooding attack.
The patch prevents memory exhaustion when TCP SYN flooding attack is detected.


SVE-2018-13467: Heap Overflow in Baseband (SS ASN Decoding)

Severity: Critical
Affected versions: O(8.x) devices with Exynos9810 chipset
Reported on: November 13, 2018
Disclosure status: Privately disclosed.
A possible heap overflow vulnerability in baseband allows arbitrary code execution.
The patch adds length check code in the baseband.


SVE-2018-13474: Captive Portal redirection vulnerability

Severity: Moderate
Affected Versions: N(7.x), O(8.x), P(9.0)
Reported on: November 13, 2018
Disclosure status: Privately disclosed.
A vulnerability in Captive Portal allows automatic redirection to unsafe applications.
The patch blocks handling of custom scheme in Captive Portal to prevent automatic redirection.

Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.


Acknowledgements
We truly appreciate the following researchers for helping Samsung to improve the security of our products.

- Pierre Barre and Chaouki Kasmi from DarkMatter: SVE-2018-13162
- Fluoroacetate working with Zero Day Initiative: SVE-2018-13467
- MWR Labs working with Zero Day Initiative: SVE-2018-13474