First published: Tue Feb 06 2024(Updated: )
Out-of-bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.
Credit: mobile.security@samsung.com
Affected Software | Affected Version | How to fix |
---|---|---|
=11.0 | ||
=11.0-smr-apr-2021-r1 | ||
=11.0-smr-apr-2022-r1 | ||
=11.0-smr-apr-2023-r1 | ||
=11.0-smr-aug-2021-r1 | ||
=11.0-smr-aug-2022-r1 | ||
=11.0-smr-aug-2023-r1 | ||
=11.0-smr-dec-2020-r1 | ||
=11.0-smr-dec-2021-r1 | ||
=11.0-smr-dec-2022-r1 | ||
=11.0-smr-dec-2023-r1 | ||
=11.0-smr-feb-2021-r1 | ||
=11.0-smr-feb-2022-r1 | ||
=11.0-smr-feb-2023-r1 | ||
=11.0-smr-jan-2021-r1 | ||
=11.0-smr-jan-2022-r1 | ||
=11.0-smr-jan-2023-r1 | ||
=11.0-smr-jan-2024-r1 | ||
=11.0-smr-jul-2021-r1 | ||
=11.0-smr-jul-2022-r1 | ||
=11.0-smr-jul-2023-r1 | ||
=11.0-smr-jun-2021-r1 | ||
=11.0-smr-jun-2022-r1 | ||
=11.0-smr-jun-2023-r1 | ||
=11.0-smr-mar-2021-r1 | ||
=11.0-smr-mar-2022-r1 | ||
=11.0-smr-mar-2023-r1 | ||
=11.0-smr-may-2021-r1 | ||
=11.0-smr-may-2022-r1 | ||
=11.0-smr-may-2023-r1 | ||
=11.0-smr-nov-2021-r1 | ||
=11.0-smr-nov-2022-r1 | ||
=11.0-smr-nov-2023-r1 | ||
=11.0-smr-oct-2021-r1 | ||
=11.0-smr-oct-2022-r1 | ||
=11.0-smr-oct-2023-r1 | ||
=11.0-smr-sep-2021-r1 | ||
=11.0-smr-sep-2022-r1 | ||
=11.0-smr-sep-2023-r1 | ||
=12.0 | ||
=12.0-smr-apr-2022-r1 | ||
=12.0-smr-apr-2023-r1 | ||
=12.0-smr-aug-2022-r1 | ||
=12.0-smr-aug-2023-r1 | ||
=12.0-smr-dec-2021-r1 | ||
=12.0-smr-dec-2022-r1 | ||
=12.0-smr-dec-2023-r1 | ||
=12.0-smr-feb-2022-r1 | ||
=12.0-smr-feb-2023-r1 | ||
=12.0-smr-jan-2022-r1 | ||
=12.0-smr-jan-2023-r1 | ||
=12.0-smr-jan-2024-r1 | ||
=12.0-smr-jul-2022-r1 | ||
=12.0-smr-jul-2023-r1 | ||
=12.0-smr-jun-2022-r1 | ||
=12.0-smr-jun-2023-r1 | ||
=12.0-smr-mar-2022-r1 | ||
=12.0-smr-mar-2023-r1 | ||
=12.0-smr-may-2022-r1 | ||
=12.0-smr-may-2023-r1 | ||
=12.0-smr-nov-2021-r1 | ||
=12.0-smr-nov-2022-r1 | ||
=12.0-smr-nov-2023-r1 | ||
=12.0-smr-oct-2022-r1 | ||
=12.0-smr-oct-2023-r1 | ||
=12.0-smr-sep-2022-r1 | ||
=12.0-smr-sep-2023-r1 | ||
=13.0 | ||
=13.0-smr-apr-2023-r1 | ||
=13.0-smr-aug-2023-r1 | ||
=13.0-smr-dec-2022-r1 | ||
=13.0-smr-dec-2023-r1 | ||
=13.0-smr-feb-2023-r1 | ||
=13.0-smr-jan-2023-r1 | ||
=13.0-smr-jan-2024-r1 | ||
=13.0-smr-jul-2023-r1 | ||
=13.0-smr-jun-2023-r1 | ||
=13.0-smr-mar-2023-r1 | ||
=13.0-smr-may-2023-r1 | ||
=13.0-smr-nov-2022-r1 | ||
=13.0-smr-nov-2023-r1 | ||
=13.0-smr-oct-2022-r1 | ||
=13.0-smr-oct-2023-r1 | ||
=13.0-smr-sep-2023-r1 | ||
=14.0 | ||
=14.0-smr-dec-2023-r1 | ||
=14.0-smr-jan-2024-r1 | ||
=14.0-smr-nov-2023-r1 | ||
=14.0-smr-oct-2023-r1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-20817 is classified with a high severity due to its potential to enable local attackers to exploit buffer overflow vulnerabilities.
To remediate CVE-2024-20817, users should update their Samsung devices to the SMR Feb-2024 Release 1 or later.
CVE-2024-20817 affects multiple Samsung Android versions including 11.0 and 12.0 prior to the SMR Feb-2024 Release 1.
CVE-2024-20817 can lead to localized attacks that successfully execute arbitrary code or crash the affected application.
Individuals using affected versions of Samsung Android devices are at risk from CVE-2024-20817 vulnerabilities.