Samsung update warning: Google confirms attacks on Galaxy S24 and S23

These are exciting times for Galaxy flagship owners, with the excellent Android 15 upgrade due to be released in just a few weeks, alongside the launch of the new S25. The new OS brings a raft of security and privacy enhancements as Samsung narrows the gap to iPhone; some are general Android enhancements and some are specific to Samsung.

However, one area where a lot of work is still being done is the painful monthly process of patching security vulnerabilities, again, whether on Android or Samsung. We’ve noticed several delays in recent months as Samsung lags behind Pixels in getting critical OS fixes. The new S25 will most likely go through the seamless Android update process for the first time, which will help, but that alone probably wouldn’t fix the monthly merry-go-round.

Although most of the recent harmful vulnerabilities relate to the Android operating system or Qualcomm chipsets, some critical Samsung-specific issues were fixed last month. As I reported in December, one vulnerability in particular, CVE-2024-49415, was a Samsung memory issue fixed to “prevent potential attacks when remotely executing code on Galaxy devices.” Now, a Google Project Zero researcher has “consistently this factor,” which “shows a fun new attack surface.” Android RCS transcribes incoming media locally, making audio codec vulnerabilities now fully remote.

The threat is “an out-of-bounds write in the Monkey’s Audio (APE) decoder on the Samsung S24. The function saped_rec in libsaped.so writes to a dmabuf allocated by the C2 media service, which always appears to have size 0x120000. While the maximum blocksperframe value extracted by libsapedextractor is also limited to 0x120000, saped_rec can write.”

In concrete terms, this concerns the S24 transcription service that transcodes the audio attached to an RCS message. “Please note that this is a completely remote (0 click) error on the Samsung S24,” the text warns. “If Google Messages is configured for RCS (the default on this device), because the transcription service decodes incoming audio before a user interacts with the message for transcription purposes,” the device is open to attack.

The vulnerability can be exploited by writing up to three times the allowed amount of data, which risks corrupting memory and potentially leaving data open to a completely remote attack. A likely attack would combine this vulnerability with others to implant malware, exfiltrate data, or attempt to take over a device. The article includes the main points of a demonstrable attack on the S24, and the bug “has been tested on the Samsung S23 and S24 and both appear to be affected.” It has not been tested on other devices.
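The gap described above is between a limit on a block count and the number of bytes actually written into a fixed-size buffer. The sketch below is an added example, not Samsung's or Google's code: `count_check`, `bytes_check` and the `bytes_per_block` multiplier are hypothetical names, and the inputs are constructed. Only the 0x120000 size and the factor of three come from the article.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Size the article gives for the C2 output dmabuf. */
#define OUT_BUF_SIZE 0x120000u

/* Weak check: caps the block count only, the limit the article says is
 * applied to blocksperframe. It says nothing about bytes written. */
static bool count_check(uint32_t blocks_per_frame)
{
    return blocks_per_frame <= OUT_BUF_SIZE;
}

/* Hardened check: compute the bytes one frame will produce and compare
 * that to the buffer capacity. bytes_per_block is a hypothetical
 * parameter standing in for whatever multiplies the count in a decoder. */
static bool bytes_check(uint32_t blocks_per_frame, uint32_t bytes_per_block,
                        size_t capacity, size_t *needed)
{
    if (bytes_per_block == 0)
        return false;
    /* Divide instead of multiplying so the test itself cannot overflow. */
    if (blocks_per_frame > SIZE_MAX / bytes_per_block)
        return false;
    *needed = (size_t)blocks_per_frame * bytes_per_block;
    return *needed <= capacity;
}

int main(void)
{
    /* Constructed inputs: {blocks per frame, bytes per block}. */
    const uint32_t cases[][2] = {
        {0x120000, 1}, {0x120000, 3}, {0x60000, 3}, {0x60001, 3}
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        size_t needed = 0;
        bool weak = count_check(cases[i][0]);
        bool ok = bytes_check(cases[i][0], cases[i][1], OUT_BUF_SIZE, &needed);
        printf("blocks=0x%x x%u count_check=%d bytes_check=%d needed=0x%zx\n",
               (unsigned)cases[i][0], (unsigned)cases[i][1], weak, ok, needed);
    }
    return 0;
}
```

A frame of 0x120000 blocks passes the count limit but needs 0x360000 bytes at three bytes per block, so only the byte-based check rejects it.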

If you have installed December’s security release, then your device is secure against this threat. You should check your phone now and make sure that’s the latest update you’re running. But not all affected devices will have been updated, and while newer flagships are usually patched early in the month, the update schedule runs to the month-end and sometimes beyond. All the more reason to check for updates and install as soon as available.
