Samsung November 2023 patch details

Samsung publishes December 2023 security patch details

Blight Mojave
Posted by Blight Mojave December 5, 2023

Samsung has not yet begun the distribution of its latest month’s update for eligible devices but has officially published the December 2023 Android security patch details, revealing the fixes and improvements that the latest software update carries for Galaxy devices.

According to the information, Samsung’s December 2023 security patch brings fixes for 7 critical and 43 high levels of CVEs for the Android operating system. In addition, Samsung provides fixes for 16 Vulnerabilities and Exposures (SVE) items to improve user experience.

The latest security patch mends dozens of issues related to improper access control in KnoxCustom service and KnoxCustomManagerService. Additionally, Samsung Semiconductor provided patches for two moderate issues.

December 2023 Security Patch Bulletin

Critical

  • CVE-2023-21671, CVE-2023-28574, CVE-2023-22388, CVE-2023-33045, CVE-2023-40077, CVE-2023-40076, CVE-2023-40088

High

  • CVE-2023-28469, CVE-2023-20702, CVE-2023-32835, CVE-2023-32834, CVE-2023-33031, CVE-2023-33059, CVE-2023-33055, CVE-2023-33074, CVE-2023-28545, CVE-2023-24852, CVE-2023-33048, CVE-2023-33056, CVE-2023-33047, CVE-2023-33061, CVE-2023-40079, CVE-2023-40089, CVE-2023-40091, CVE-2023-40095, CVE-2023-40096, CVE-2023-40103, CVE-2023-45774, CVE-2023-45777, CVE-2023-21267, CVE-2023-40073, CVE-2023-40092, CVE-2023-40074, CVE-2023-40075, CVE-2023-40078, CVE-2023-40080, CVE-2023-40082, CVE-2023-40084, CVE-2023-40087, CVE-2023-40090, CVE-2023-40097, CVE-2023-45773, CVE-2023-45775, CVE-2023-45776, CVE-2023-35668, CVE-2023-40083, CVE-2023-21394, CVE-2023-40098, CVE-2023-45781, CVE-2023-40094(A-288896339, A-307719731)

Moderate

  • None

Already included in previous updates

  • CVE-2023-28556

Not applicable to Samsung devices

  • CVE-2023-32836, CVE-2023-32837, CVE-2023-32832, CVE-2023-40081

One UI Patch Details

Samsung also addressed 16 issues specific to its devices, such as improper access control in knoxcustom service and KnoxCustomManagerService. Additionally, Samsung Semiconductor provided patches for two moderate issues.

  • SVE-2023-1700(CVE-2023-42570): Improper access control vulnerability in KnoxCustomManagerService
  • SVE-2023-1694(CVE-2023-42564): Improper access control in knoxcustom service
  • SVE-2023-1621(CVE-2023-42563): Integer overflow vulnerability in libFacePreProcessingjni.camera.samsung.so
  • SVE-2023-1620(CVE-2023-42562): Integer overflow vulnerability in libFacePreProcessingjni.camera.samsung.so
  • SVE-2023-1488(CVE-2023-42569): Improper authorization verification vulnerability in AR Emoji
  • SVE-2023-1480(CVE-2023-42561): Out-of-bounds write vulnerability in bootloader
  • SVE-2023-1452(CVE-2023-42568): Improper access control vulnerability in SmartManagerCN
  • SVE-2023-1440(CVE-2023-42560): Out-of-bounds write vulnerability in dec_mono_audb of libsavsac.so
  • SVE-2023-1430(CVE-2023-42559): Improper exception management vulnerability in Knox Guard
  • SVE-2023-1393(CVE-2023-42558): Out of bounds write vulnerability in HDCP in HAL
  • SVE-2023-1374(CVE-2023-42557): Out-of-bound write vulnerability in libIfaaCa
  • SVE-2023-1350(CVE-2023-42567): Improper size check vulnerability in softsimd
  • SVE-2023-1102(CVE-2023-42566): Out-of-bound write vulnerability in libsavsvc
  • SVE-2023-1003(CVE-2023-42565): Improper input validation vulnerability in Smart Clip
  • SVE-2023-0938(CVE-2023-42556): Implicit intent hijacking vulnerability in Contacts

Samsung devices One UI 6 first update

Tags:
Blight Mojave
Blight Mojave
View More Posts
Blight is an aspiring Samsung enthusiast and technology aficionado, dedicated to exploring the extraordinary realms facilitated by cutting-edge innovations. He is passionate about Artificial Intelligence (AI) and its potential to transform industries, enhance human experiences, and shape a better future. Fascinated by the delicate beauty and he is captivating essence of flowers, finding solace in their presence. He is constantly seeking knowledge and growth, eager to connect with like-minded individuals and build meaningful relationships.
adbanner