close

Samsung Mobile Security and Cookies

Our site uses essential cookies only. You can read our Privacy Policy and Cookie Policy for more information.

close

Samsung Mobile Security
Cookie Policy

Updated on Jan 17, 2022

This Cookie Policy describes the different types of cookies that may be used in connection with Samsung Mobile Security website which is owned and controlled by Samsung Electronics Co., Ltd (“Samsung Electronics”). This Cookie Policy also describes how you can manage cookies.

It’s important that you check back often for updates to the Policy as we may change it from time to time to reflect changes to our use of cookies. Please check the date at the top of this page to see when this Policy was last revised. Any changes to this Policy will become effective when we make the revised Policy available on our website.

Samsung Electronics has offices across Europe, so we can ensure that your request or query will be handled by the data protection team based in your region. If you have any questions, the easiest way to contact us is through our Privacy Support Page at https://www.samsung.com/request-desk.

You can also contact us at:

European Data Protection Officer
Samsung Electronics (UK) Limited
Samsung House, 2000 Hillswood Drive, Chertsey, Surrey KT16 0RS

Cookies

Cookies are small files that store information on your computer, TV, mobile phone, or other device. They enable the entity that put the cookie on your device to recognize you across different websites, services, devices, and/or browsing sessions.

We use the following types of cookies on this website:

Essential Cookies: enable you to receive the services you request via our website. Without these cookies, services that you have asked for cannot be provided. For example, these enable to identify users and provide proper service for each user. These cookies are automatically enabled and cannot be turned off because they are essential to enable you to browse our website. Without these cookies this Samsung Mobile Security website could not be provided.

Cookie Domain Purpose
JSESSIONID security.samsungmobile.com to keep login session
lastActivityTime security.samsungmobile.com to save the user's last activity time to automatically logout after 30 minutes of inactivity

Managing Cookies and Other Technologies

You can also update your browser settings at any time, if you want to remove or block cookies from your device (consult your browser's "help" menu to learn how to remove or block cookies). Samsung Electronics is not responsible for your browser settings. You can find good and simple instructions on how to manage cookies on the different types of web browsers at http://www.allaboutcookies.org.

Go straight to the menu Go straight to the text
Home>Security Updates>Firmware Updates

Security Updates

2024Open selected window by year

Close selected window by year
January February March April

Disclaimer

  • Please note that in some cases regular OS upgrades may cause delays to planned security updates. However, users can be rest assured the OS upgrades will include up-to-date security patches when delivered.
  • While we are doing our best to deliver the security patches as soon as possible to all applicable models, delivery time of security patches may vary depending on the regions and models.
  • Some patches to be received from chipset vendors (also known as Device Specific patches) may not be included in the security update package of the month. They will be included in upcoming security update packages as soon as the patches are ready to deliver.

Acknowledgements

Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.


Google patches include patches up to Android Security Bulletin – April 2024 package. The Bulletin (April 2024) contains the following CVE items:

Critical
CVE-2023-28578

High
CVE-2023-6143, CVE-2023-6241, CVE-2024-20020, CVE-2024-20005, CVE-2024-20026, CVE-2024-20028, CVE-2024-20025, CVE-2024-20027, CVE-2024-20023, CVE-2024-20024, CVE-2023-33066, CVE-2023-43550, CVE-2023-33042, CVE-2023-43548, CVE-2023-43539, CVE-2023-43549, CVE-2023-43552, CVE-2023-43553, CVE-2024-23710, CVE-2024-23713, CVE-2024-0022, CVE-2024-23712, CVE-2024-23704, CVE-2023-21267, CVE-2024-0026, CVE-2024-0027

Moderate
None

Already included in previous updates
CVE-2024-20022

Not applicable to Samsung devices
CVE-2023-48424, CVE-2023-48425, CVE-2023-43546, CVE-2023-43547, CVE-2023-33105


※ Please see Android Security Bulletin for detailed information on Google patches.


Along with Google patches, Samsung Mobile provides 17 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Apr-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.


SVE-2023-2218(CVE-2024-20842): Improper Input Validation vulnerability in libsec-ril

Severity: Moderate
Affected versions: Android 12, 13, 14
Reported on: December 4, 2023
Disclosure status: Privately disclosed
Improper Input Validation vulnerability in handling apdu of libsec-ril prior to SMR Apr-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.
The patch adds proper boundary check logic to prevent arbitrary write.


SVE-2023-2224(CVE-2024-20843): Out-of-bounds write vulnerability in libIfaaCa

Severity: Moderate
Affected versions: Android 12, 13, 14
Reported on: December 5, 2023
Disclosure status: Privately disclosed
Out-of-bounds write vulnerability in command parsing implementation of libIfaaCa prior to SMR Apr-2024 Release 1 allows local privileged attackers to execute arbitrary code.
The patch adds proper logic to prevent arbitrary code execution.


SVE-2023-2269(CVE-2024-20844): Out-of-bounds write vulnerability in libsavsac.so

Severity: High
Affected versions: Android 12
Reported on: December 11, 2023
Disclosure status: Privately disclosed
Out-of-bounds write vulnerability while parsing remaining codewords in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.
The patch adds proper boundary check logic.


SVE-2023-2270(CVE-2024-20845): Out-of-bounds write vulnerability in libsavsac.so

Severity: High
Affected versions: Android 12
Reported on: December 11, 2023
Disclosure status: Privately disclosed
Out-of-bounds write vulnerability while releasing memory in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.
The patch adds proper boundary check logic.


SVE-2023-2271(CVE-2024-20846): Out-of-bounds write vulnerability in libsavsac.so

Severity: Moderate
Affected versions: Android 12
Reported on: December 11, 2023
Disclosure status: Privately disclosed
Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.
The patch adds proper boundary check logic.


SVE-2023-2367(CVE-2024-20848): Improper Input Validation vulnerability in libsdffextractor

Severity: Moderate
Affected versions: Android 12, 13, 14
Reported on: December 22, 2023
Disclosure status: Privately disclosed
Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to write out-of-bounds memory.
The patch adds proper logic to prevent integer overflow.


SVE-2023-2368(CVE-2024-20849): Out-of-bounds Write vulnerability in libsdffextractor

Severity: High
Affected versions: Android 12, 13, 14
Reported on: December 22, 2023
Disclosure status: Privately disclosed
Out-of-bounds Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to execute arbitrary code.
The patch adds proper logic to prevent arbitrary code execution.


SVE-2023-2389(CVE-2024-20847): Improper Access Control vulnerability in StorageManagerService.

Severity: Moderate
Affected versions: Android 12, 13, 14
Reported on: December 28, 2023
Disclosure status: Privately disclosed
Improper Access Control vulnerability in StorageManagerService prior to SMR Apr-2024 Release 1 allows local attackers to read sdcard information.
The patch adds proper caller check logic to prevent improper access.


Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.


Acknowledgements
Zinuo Han https://twitter.com/ele7enxxh of OPPO Amber Security Lab: SVE-2023-2218, SVE-2023-2224, SVE-2023-2269, SVE-2023-2270, SVE-2023-2271, SVE-2023-2367, SVE-2023-2368
balance: SVE-2023-2389
Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.


Google patches include patches up to Android Security Bulletin – March 2024 package. The Bulletin (March 2024) contains the following CVE items:

Critical
CVE-2024-0039, CVE-2024-23717

High
CVE-2023-5091, CVE-2023-5249, CVE-2023-5643, CVE-2024-20011, CVE-2024-20007, CVE-2023-33046, CVE-2023-33072, CVE-2023-33060, CVE-2023-33076, CVE-2023-33058, CVE-2023-33049, CVE-2023-33057, CVE-2023-43523, CVE-2023-43522, CVE-2023-43536, CVE-2023-43533, CVE-2023-43513, CVE-2023-43516, CVE-2023-43534, CVE-2023-49668, CVE-2023-49667, CVE-2023-32842, CVE-2023-32841, CVE-2023-32843, CVE-2024-0044, CVE-2024-0046, CVE-2024-0048, CVE-2024-0049, CVE-2024-0050, CVE-2024-0051, CVE-2024-0053, CVE-2024-0047, CVE-2024-0045, CVE-2024-0052, CVE-2023-21135

Moderate
None

Already included in previous updates
CVE-2024-20010, CVE-2023-43520, CVE-2024-20003, CVE-2023-21234

Not applicable to Samsung devices
CVE-2024-20009, CVE-2024-20006, CVE-2023-43518, CVE-2023-43519, CVE-2023-40081


※ Please see Android Security Bulletin for detailed information on Google patches.


Along with Google patches, Samsung Mobile provides 9 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Mar-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.


SVE-2023-1793(CVE-2024-20830): Incorrect default permission in AppLock

Severity: Moderate
Affected versions: Android 11, 12, 13, 14
Reported on: October 11, 2023
Disclosure status: Privately disclosed
Incorrect default permission in AppLock prior to SMR Mar-2024 Release 1 allows local attackers to configure AppLock settings.
The patch adds proper declaration of permission to prevent unauthorized configuration.


SVE-2023-2078(CVE-2024-20831): Stack overflow in bootloader

Severity: Moderate
Affected versions: Selected Android 11, 12, 13, 14 MediaTek devices
Reported on: November 16, 2023
Disclosure status: Privately disclosed
Stack overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows a privileged attackers to execute arbitrary code.
The patch adds proper error handling logic.


SVE-2023-2079(CVE-2024-20832): Heap overflow in bootloader

Severity: Moderate
Affected versions: Selected Android 11, 12, 13, 14 MediaTek devices
Reported on: November 16, 2023
Disclosure status: Privately disclosed
Heap overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows a privileged attacker to execute arbitrary code.
The patch adds proper size check logic.


SVE-2023-2151(CVE-2024-20833): Use after free vulnerability in NETLINKFIPSCRYPTO

Severity: Moderate
Affected versions: Android 11, 12, 13, 14
Reported on: November 25, 2023
Disclosure status: Privately disclosed
Use after free vulnerability in pub_crypto_recv_msg prior to SMR Mar-2024 Release 1 due to race condition allows local attackers with system privilege to cause memory corruption.
The patch adds proper check logic to prevent use after free.


SVE-2023-2170(CVE-2024-20834): The sensitive information exposure vulnerability in WlanTest

Severity: Moderate
Affected versions: Android 11, 12, 13, 14
Reported on: November 28, 2023
Disclosure status: Privately disclosed
The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission.
The patch adds proper permission to prevent sensitive information exposure.


SVE-2023-2382(CVE-2024-20835): Improper access control vulnerability in CustomFrequencyManagerService

Severity: Moderate
Affected versions: Android 11, 12, 13, 14
Reported on: December 25, 2023
Disclosure status: Privately disclosed
Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024 Release 1 allows local attackers to execute privileged behaviors.
The patch removes deprecated functions to prevent improper access.


SVE-2023-2385(CVE-2024-20836): Out of bounds Read vulnerability in libsubextractor.so

Severity: Moderate
Affected versions: Android 11, 12, 13, 14
Reported on: December 27, 2023
Disclosure status: Privately disclosed
Out of bounds Read vulnerability in ssmis_get_frm in libsubextractor.so prior to SMR Mar-2024 Release 1 allows local attackers to read out of bounds memory.
The patch adds proper check logic to prevent buffer overflow.


Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.


Acknowledgements
balance: SVE-2023-1793, SVE-2023-2382
Maxime Rossi Bellom and Damiano Melotti from Quarkslab: SVE-2023-2078, SVE-2023-2079
Chao Ma of Baidu Security: SVE-2023-2151
Dawuge: SVE-2023-2170
Zinuo Han https://twitter.com/ele7enxxh of OPPO Amber Security Lab: SVE-2023-2385
Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.


Google patches include patches up to Android Security Bulletin – February 2024 package. The Bulletin (February 2024) contains the following CVE items:

Critical
CVE-2023-21651, CVE-2023-33025, CVE-2024-0031

High
CVE-2023-33042, CVE-2023-33043, CVE-2023-33044, CVE-2023-4295, CVE-2023-5427, CVE-2023-21165, CVE-2023-32872, CVE-2023-33033, CVE-2023-33037, CVE-2023-33030, CVE-2023-33032, CVE-2023-33014, CVE-2023-33040, CVE-2023-28567, CVE-2023-28565, CVE-2023-28564, CVE-2023-28548, CVE-2023-28544, CVE-2023-28558, CVE-2023-28559, CVE-2022-33275, CVE-2023-28560, CVE-2023-28557, CVE-2023-33112, CVE-2023-43511, CVE-2023-33062, CVE-2023-33109, CVE-2023-33117, CVE-2023-33110, CVE-2023-33120, CVE-2023-33094, CVE-2023-33114, CVE-2023-33113, CVE-2023-43514, CVE-2023-48352, CVE-2023-48351, CVE-2023-48349, CVE-2023-48350, CVE-2023-48348, CVE-2023-48344, CVE-2023-48342, CVE-2023-48341, CVE-2023-48343, CVE-2023-48340, CVE-2024-0029, CVE-2024-0032, CVE-2024-0034, CVE-2024-0036, CVE-2024-0038, CVE-2024-0041, CVE-2023-40122, CVE-2024-0037, CVE-2024-0040, CVE-2024-0014, CVE-2024-0033, CVE-2024-0035, CVE-2023-40093, CVE-2024-0030

Moderate
None

Already included in previous updates
CVE-2023-33036, CVE-2023-33108

Not applicable to Samsung devices
CVE-2023-32874, CVE-2023-33085


※ Please see Android Security Bulletin for detailed information on Google patches.


Along with Google patches, Samsung Mobile provides 8 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Feb-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.


SVE-2023-1449(CVE-2024-20810): Implicit intent hijacking vulnerability in Smart Suggestions

Severity: Moderate
Affected versions: Android 12, 13
Reported on: August 5, 2023
Disclosure status: Privately disclosed
Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows attackers to get sensitive information.
The patch change the implicit intent to explicit intent.


SVE-2023-1548(CVE-2024-20811): Improper caller verification in GosSystemService

Severity: Moderate
Affected versions: Android 11, 12, 13, 14
Reported on: August 20, 2023
Disclosure status: Privately disclosed
Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer.
The patch adds proper verification to prevent unauthorized configuration.


SVE-2023-1609(CVE-2024-20812): Out-of-bounds Write in padmd_vld_htbl of libpadm.so

Severity: High
Affected versions: Android 11, 12, 13, 14
Reported on: September 3, 2023
Disclosure status: Privately disclosed
Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.
The patch adds buffer size check logic.


SVE-2023-1610(CVE-2024-20813): Out-of-bounds Write in padmd_vld_qtbl of libpadm.so

Severity: High
Affected versions: Android 11, 12, 13, 14
Reported on: September 3, 2023
Disclosure status: Privately disclosed
Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code.
The patch adds buffer size check logic.


SVE-2023-1674(CVE-2024-20814): Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so

Severity: Moderate
Affected versions: Android 11, 12, 13, 14
Reported on: September 17, 2023
Disclosure status: Privately disclosed
Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows attacker access unauthorized information.
The patch adds length check logic.


SVE-2023-1685(CVE-2024-20816, CVE-2024-20815): Improper authentication vulnerability in Auto Hotspot

Severity: High
Affected versions: Android 11, 12, 13, 14
Reported on: September 18, 2023
Disclosure status: Privately disclosed
Improper authentication vulnerability in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user awareness.
The patch adds the proper conditions for using Auto Hotspot.


SVE-2023-1754(CVE-2024-20819, CVE-2024-20818, CVE-2024-20817): Out-of-bounds write vulnerabilities in libsthmbc.so

Severity: High
Affected versions: Android 11, 12, 13, 14
Reported on: October 3, 2023
Disclosure status: Privately disclosed
Out-of-bounds write vulnerabilities in libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.
The patches add proper check logic to prevent buffer overflow.


SVE-2023-2215(CVE-2024-20820): Out-of-bounds read vulnerability in bootloader

Severity: Moderate
Affected versions: Selected Android 11, 12, 13 MediaTek devices
Reported on: November 28, 2023
Disclosure status: Privately disclosed
Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows attacker to cause an Out-Of-Bounds read.
The patch adds proper validation check logic to prevent Out-Of-Bounds read.


Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.


Acknowledgements
OrangeCat: SVE-2023-1449
Tron: SVE-2023-1548
Dawuge: SVE-2023-1609, SVE-2023-1610, SVE-2023-1674, SVE-2023-1754
Erik Lucas Smit: SVE-2023-1685
Maxime Rossi Bellom, Damiano Melotti and Raphaël Neveu from Quarkslab: SVE-2023-2215
Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.


Google patches include patches up to Android Security Bulletin – January 2024 package. The Bulletin (January 2024) contains the following CVE items:

Critical
CVE-2022-40507

High
CVE-2023-4272, CVE-2023-32804, CVE-2023-3889, CVE-2023-21215, CVE-2023-21227, CVE-2023-21228, CVE-2023-21216, CVE-2023-21218, CVE-2023-21166, CVE-2023-21164, CVE-2023-21163, CVE-2023-21162, CVE-2023-21217, CVE-2023-21401, CVE-2023-21402, CVE-2023-21263, CVE-2023-35690, CVE-2023-21403, CVE-2023-32847, CVE-2023-32848, CVE-2023-32851, CVE-2022-22076, CVE-2023-21652, CVE-2023-21664, CVE-2023-21662, CVE-2023-33017, CVE-2023-28546, CVE-2023-28585, CVE-2023-28586, CVE-2023-33022, CVE-2023-33054, CVE-2023-28550, CVE-2023-28551, CVE-2023-33018, CVE-2023-33081, CVE-2023-33089, CVE-2023-33098, CVE-2023-33088, CVE-2023-33080, CVE-2023-33097, CVE-2023-33079, CVE-2023-33092, CVE-2023-33107, CVE-2023-33106, CVE-2023-33063, CVE-2023-33053, CVE-2023-33087, CVE-2023-45779, CVE-2022-48457, CVE-2022-48458, CVE-2022-48459, CVE-2022-48454, CVE-2022-48455, CVE-2022-48461, CVE-2022-48456, CVE-2023-32818, CVE-2023-21245, CVE-2024-0015, CVE-2024-0018, CVE-2024-0023, CVE-2024-0019, CVE-2024-0021, CVE-2023-35671, CVE-2024-0016, CVE-2024-0017, CVE-2024-0020, CVE-2023-21266, CVE-2023-40120

Moderate
CVE-2023-32842, CVE-2023-32844, CVE-2023-32846, CVE-2023-32841, CVE-2023-32843, CVE-2023-32845

Already included in previous updates
CVE-2023-4863

Not applicable to Samsung devices
CVE-2023-32850, CVE-2023-28587, CVE-2023-28588, CVE-2023-40085


※ Please see Android Security Bulletin for detailed information on Google patches.


Along with Google patches, Samsung Mobile provides 5 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Jan-2024 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.


SVE-2023-1689(CVE-2024-20806): Improper access control in Notification service

Severity: Moderate
Affected versions: Android 11, 12, 13, 14
Reported on: September 19, 2023
Disclosure status: Privately disclosed
Improper access control in Notification service prior to SMR Jan-2024 Release 1 allows local attacker to access notification data.
The patch adds proper access control to prevent unauthorized data access.


SVE-2023-1667(CVE-2024-20802): Improper access control in Samsung DeX

Severity: Moderate
Affected versions: Selected Android 13 devices
Reported on: September 16, 2023
Disclosure status: Privately disclosed
Improper access control vulnerability in Samsung DeX prior to SMR Jan-2024 Release 1 allows owner to access other users' notification in a multi-user environment.
The patch adds proper access control logic to prevent unauthorized data access.


SVE-2023-1418(CVE-2024-20805): Path traversal vulnerability in MyFiles

Severity: Moderate
Affected versions: Android 11, 12 and MyFiles prior to version 14.5.00.21 in Android 13
Reported on: July 28, 2023
Disclosure status: Privately disclosed
Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows attackers to write arbitrary file.
The patch adds mitigation logic to prevent path traversal.


SVE-2023-1406(CVE-2024-20804): Path traversal vulnerability in MyFiles

Severity: Moderate
Affected versions: Android 11, 12 and MyFiles prior to version 14.5.00.21 in Android 13
Reported on: July 26, 2023
Disclosure status: Privately disclosed
Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows attackers to write arbitrary file.
The patch adds mitigation logic to prevent path traversal.


SVE-2023-1038(CVE-2024-20803): Improper authentication vulnerability in Bluetooth pairing process

Severity: High
Affected versions: Android 11, 12, 13, 14
Reported on: June 14, 2023
Disclosure status: Privately disclosed
Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction.
The patch deleted the auto-confirmation procedure under certain conditions.


Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.


Acknowledgements
Dzmitry Lukyanenka: SVE-2023-1689
Adnan Elezović: SVE-2023-1667
Febin Mon Saji: SVE-2023-1418
Dawuge: SVE-2023-1406