SB20251114104 - Multiple vulnerabilities in Samsung Mobile Firmware (February 2025)

Description

This security bulletin contains information about 35 secuirty vulnerabilities.

1) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2023-24023)

The vulnerability allows a remote attacker to perform a MitM attack.

The vulnerability exists due to improper verification of cryptographic signature in bluetooth implementation. A remote attacker with physical proximity to the system can perform MitM attack and potentially compromise the system.

2) Information exposure (CVE-ID: CVE-2023-40137)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.

3) Information exposure (CVE-ID: CVE-2023-40138)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.

4) Information exposure (CVE-ID: CVE-2023-40139)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.

5) Information exposure (CVE-ID: CVE-2024-0037)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.

6) Information exposure (CVE-ID: CVE-2025-0100)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.

7) Improper input validation (CVE-ID: CVE-2024-49741)

The vulnerability allows a local application to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the Framework component. A local application can perform a denial of service (DoS) attack.

8) Improper input validation (CVE-ID: CVE-2025-0094)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Platform component. A local application can execute arbitrary code.

9) Improper input validation (CVE-ID: CVE-2025-0091)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.

10) Information exposure (CVE-ID: CVE-2023-40135)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.

11) Improper input validation (CVE-ID: CVE-2025-0095)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.

12) Information exposure (CVE-ID: CVE-2024-49723)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.

13) Information exposure (CVE-ID: CVE-2024-49729)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.

14) Information exposure (CVE-ID: CVE-2023-40136)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.

15) Information exposure (CVE-ID: CVE-2023-40134)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.

16) Stack-based buffer overflow (CVE-ID: CVE-2024-20154)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to a missing bounds check within Modem. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code.

17) Buffer overflow (CVE-ID: CVE-2024-21464)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Data Network Stack & Connectivity. A local application can execute arbitrary code.

18) Use-after-free (CVE-ID: CVE-2024-43704)

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in PVRSRVAcquireProcessHandleBase. A local application can cause psProcessHandleBase reuse when PIDs are reused and escalate privileges on the system.

19) Out-of-bounds write (CVE-ID: CVE-2024-20143)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to a missing bounds check within DA. A local application can execute arbitrary code.

20) Out-of-bounds write (CVE-ID: CVE-2024-20144)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to a missing bounds check within DA. A local application can execute arbitrary code.

21) Out-of-bounds write (CVE-ID: CVE-2024-20145)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to a missing bounds check within DA. A local application can execute arbitrary code.

22) Out-of-bounds write (CVE-ID: CVE-2024-20105)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to a missing bounds check within m4u. A local application can execute arbitrary code.

23) Out-of-bounds write (CVE-ID: CVE-2024-20140)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to a missing bounds check within power. A local application can execute arbitrary code.

24) Out-of-bounds write (CVE-ID: CVE-2024-20146)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within wlan. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code.

25) Out-of-bounds write (CVE-ID: CVE-2024-20148)

The vulnerability allows a remote attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within wlan. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code.

26) Use After Free (CVE-ID: CVE-2024-45553)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in DSP Services. A local application can execute arbitrary code.

27) Information exposure (CVE-ID: CVE-2023-40133)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.

28) Buffer over-read (CVE-ID: CVE-2024-45558)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation in WLAN Host Cmn. A remote attacker can perform a denial of service (DoS) attack.

29) Improper input validation (CVE-ID: CVE-2024-49721)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.

30) Improper input validation (CVE-ID: CVE-2024-49743)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.

31) Improper input validation (CVE-ID: CVE-2024-49746)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.

32) Improper input validation (CVE-ID: CVE-2025-0097)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.

33) Improper input validation (CVE-ID: CVE-2025-0098)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.

34) Improper input validation (CVE-ID: CVE-2025-0099)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.

35) Information exposure (CVE-ID: CVE-2023-40122)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.

Remediation

Install update from vendor's website.

References

• https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=02