Samsung pushes out Android security updates for flagship Galaxy models
Samsung is rolling out new security updates for its Galaxy branded flagship phones such as S5, S6, S6 Edge, S6 Edge+, Note 4 and Note 5 for users in regions including Asia, Australia, Europe, North and South America.
The rollout is part of the company's monthly Security Maintenance Release (SMR) process which includes all patches from Google and Samsung. The release is identical to the firmware update that Google released for its Nexus lineup in the beginning of February. The updates patched 10 security flaws and seven major vulnerabilities in the Android operating system.
There is also a patch for Qualcomm Wi-Fi drivers and fix for a critical error that could allow hackers to remotely gain access to the devices through text messages, reports Sammobile. Samsung could not post the entire changelog for the February security updates. Below are a few details about Samsung Vulnerabilities and Exposures (SVE) items:
SVE-2016-5036: SecNetfilter Security Patch
- Severity: Medium
- Affected versions: All devices using SecNetfilter driver on KK(4.4) or L(5.0/5.1)
- Reported on: October 20, 2015
- Disclosure status: This issue is publicly known.
- A vulnerability dereferencing Null-pointer during parsing the URL can make a memory corruption and be abused by attackers.
- The supplied patch removes the 'SecNetfilter' driver.
SVE-2016-5134: TvoutService_C service DoS
- Severity: Low
- Affected versions: KK(4.4), L(5.0/5.1), M(6.0)
- Reported on: October 30, 2015
- Disclosure status: This issue is publicly known.
- A vulnerability without appropriate exception handling allows attackers to make a system crash easily through such as a DoS attack.
- The supplied patch prevents unexpected crashes by confirming the validation of variables.
SVE-2016-5326: Buffer overflow vulnerability in Qualcomm WLAN Driver
- Severity: Critical
- Affected versions: J(4.2) and above with Qualcomm Wi-Fi chipset
- Reported on: December 15, 2015
- Disclosure status: This issue is publicly known.
- A vulnerability not confirming boundary condition before memory copy can make buffer overflow by an unexpected data size.
- The supplied patch prevents buffer overflow by confirming the sizes of source and destination.
To fetch the update manually on your Galaxy phone, head over to Settings>> About Device>> Check for Updates. Note that the regular OS updates could cause delay to the security updates, but the OS upgrade will include all the up-to-date security patches. The security updates might not be available for all users at the moment and might vary depending on the region and devices.
More about Galaxy devices
© Copyright IBTimes 2024. All rights reserved.