Samsung
Google says a severe One UI threat exposed some Samsung phones data
Google has disclosed that a severe One UI threat has exposed data of some Samsung phones. The company’s Project Zero team revealed details of three Samsung phone zero-day security vulnerabilities that are exploited by a spyware vendor.
The vulnerabilities that were found in One UI software were used as part of an exploit series to target Samsung phones running Android. These chained exposures allow an attacker to gain kernel source codes of Galaxy smartphones and eventually expose their data.
Follow Sammy Fans on Google News
The Google Project Zero security team further says that the hacker targets Samsung phones that feature an Exynos chip running a specific kernel version. Mostly, Galaxy phones with Exynos chips are available across Europe, the Middle East, and Africa, which are likely surveillance targets.
Join SammyFans on Telegram
The US tech giant also revealed the names of Samsung phones whose kernel is currently affected and whose data may be exposed. These devices include Galaxy S10, Galaxy A50, and Galaxy A51.
According to the information, the issues are already fixed. The vulnerabilities were exploited by an Android application that tricked some users into installing them without using the Google App Store.
The malicious app, as it is described earlier, allows attackers to break out of the application’s sandbox, which is specifically designed to secure access to the activity and the device’s operating system.
The first vulnerability in this chain (CVE-2021-25337) is the arbitrary file read and write, which was the foundation of this chain, used four different times, and used at least once in each step.
The second vulnerability (CVE-2021-25369) used by the chain is an information leak to leak the address of the task_struct and sys_call_table. Meanwhile, the final vulnerability in the chain (CVE-2021-25370) is a use-after-free of a file struct in the Display and Enhancement Controller (DECON) Samsung driver for the Display Processing Unit (DPU).
Furthermore, Google reported these vulnerabilities to Samsung in late 2020, when it received samples of the exploit. Whereas, the Korean company released the patch in March 2021.
Project Zero also reported that Samsung’s advisory still doesn’t mention wild exploits of these vulnerabilities, but it has promised to alert customers if malicious exploits are detected in the future.
Samsung’s April 2024 update is reportedly bricking Galaxy Z Fold 3. A user reported on the Korean version of Samsung’s community that this smartphone was stuck in recovery mode after triggering the installation of the F926NKSU2HXD2 firmware.
The problem seems limited as I haven’t found many reports regarding the same. At the same time, the comments section of the source post also lacks similar feedback from consumers. Still, I recommend you not to install the HXD2 firmware on your Galaxy.
Samsung has recently launched Samsung Wallet in its home ground. We’ve seen a heavy number of Samsung Pay users switching to Wallet for advanced payments and mobile ID features. Notably, the firmware update also brought Samsung Wallet Mobile ID integration for the Fold 3.
Apart from the Wallet upgrade, the firmware brings the April 2024 security patch. Samsung may have also released HXD2 to the Galaxy Z Flip 3 in South Korea. The same firmware was started rolling out to the Galaxy Z Flip 4, however, there are no reports from consumers in the community.
While the smartphone is stuck in recovery mode, the only way left is to wipe the data. Wiping data will lead the user to lose access to all the personal data that was not backed up. Also, there will be a lot of hurdles after manually resetting the device such as logging in via the trusted device.
We will update you on the matter!
Samsung's April 2024 update bricking Galaxy Z Fold 3 5G in South Korea ‼ ‼
– Suspected SW: F926NKSU2HXD2
After installing, the user's phone stuck into recovery mode.
Rebooting through volume/power keys doesn't work, infinite loop⁉#Samsung #GalaxyZFold3 #OneUI6 pic.twitter.com/DLJpXZQxXe
— Yash Rathore (@YashRathoreX) April 19, 2024
Stay up-to-date on Samsung Galaxy, One UI & Tech Stuffs by following Sammy Fans on X/Twitter. You can also discover the latest news, polls, reviews, and new features for Samsung & Google Apps, Galaxy Phones, and the One UI/Android operating system.
Do you like this post? Kindly, let us know on X/Twitter: we love hearing your feedback! If you prefer using other social platforms besides X, follow/join us on Google News, Facebook, and Telegram.
The US variant of Samsung Galaxy Z Flip 6 will be equipped with a Snapdragon 8 Gen 3 processor. There were reports that Samsung may expand the Exynos chipset to its foldable lineup, which doesn’t seem to be happening, at least in the United States.
Recently, Samsung Galaxy Z Flip 6 US variant was spotted on Geekbench with Snapdragon chip. It isn’t surprising as the company is following its conventional chipset strategy. We expect that it will be the same chipset used in the Galaxy S24 Ultra, the Snapdragon 8 Gen 3 for Galaxy.
The Flip 6 smartphone scored 15084 points on Geekbench’s GPU test. Due to its foldable form factor, the device may miss a Galaxy S24-like larger cooling technology. Still, its impressive 15000+ points in the GPU test indicates that Samsung has greatly optimized the software.
The company still has three months remaining in the launch event. More performance improvements will likely be achieved before the Unpacked. The South Korean tech giant will likely unveil the next-gen foldable phones in mid-July.
This year, the Galaxy Z Fold 6 Ultra would join the standard Galaxy Z Fold 6 and the Galaxy Z Flip 6. In addition, an affordable variant of Fan Edition branding is also in development. However, the cheaper foldable would miss some pro-grade specs to maintain the price.
Stay up-to-date on Samsung Galaxy, One UI & Tech Stuffs by following Sammy Fans on X/Twitter. You can also discover the latest news, polls, reviews, and new features for Samsung & Google Apps, Galaxy Phones, and the One UI/Android operating system.
Do you like this post? Kindly, let us know on X/Twitter: we love hearing your feedback! If you prefer using other social platforms besides X, follow/join us on Google News, Facebook, and Telegram.
Samsung Galaxy M35 5G is confirmed to feature Bluetooth 5.3 technology. The phone has recently surfaced on Samsung India’s support website, hinting at imminent launch. Rapid developments indicate that the device will soon be released in the Indian market.
As spotted by MySmartPrice, the Samsung Galaxy M35 5G appeared on the Bluetooth SIG certification site. The database revealed that Samsung’s next M series phone carries model number SM-M356B_DS and supports Bluetooth 5.3.
Samsung recently launched the Galaxy A35 5G in the US, following the Global debut last month. The phone costs $400, while the upcoming Galaxy M35 5G will introduce identical design and specs at a lower price in select markets including India.
Previous reports reveal that the Galaxy M35 5G packs a 6000mAh battery with 25W charging support. The phone could be powered by an Exynos 1380 SoC paired with at least 6GB of RAM. It’s confirmed that the One UI 6.1 with Android 14 will come pre-loaded with it.
Stay up-to-date on Samsung Galaxy, One UI & Tech Stuffs by following Sammy Fans on X/Twitter. You can also discover the latest news, polls, reviews, and new features for Samsung & Google Apps, Galaxy Phones, and the One UI/Android operating system.
Do you like this post? Kindly, let us know on X/Twitter: we love hearing your feedback! If you prefer using other social platforms besides X, follow/join us on Google News, Facebook, and Telegram.