Android Security Updates · Samsung Mobile Security

»Samsung releases monthly and quarterly security updates on selected Samsung devices listed below.
Monthly and quarterly security updates will include patches for Android OS related security issues released by Google, as well as, patches for Samsung-specific security issues.«

»Samsung Mobile is releasing a maintenance release for major flagship models as part of monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung.«

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Monthly device updates are an important tool to keep Android users safe and protect their devices. This page contains the available Android Security Bulletins, which provide fixes for possible issues affecting devices running Android.

Samsung SMR-MAY-2020

9x Critical security vulnerabilitiesl

CVE-2019-10609, CVE-2019-14112, CVE-2019-14114, CVE-2019-14111, CVE-2019-14113, CVE-2019-14131, CVE-2019-14110, CVE-2020-0096, CVE-2020-0103

36x High security vulnerabilities

CVE-2019-14070, CVE-2019-19807, CVE-2019-10483, CVE-2019-10589, CVE-2019-14104, CVE-2019-14105, CVE-2019-14021, CVE-2019-14122, CVE-2019-14011, CVE-2019-14012, CVE-2019-10551, CVE-2019-14020, CVE-2019-14033, CVE-2019-10610, CVE-2019-14022, CVE-2019-14018, CVE-2019-14019, CVE-2019-19532, CVE-2019-19524, CVE-2019-14132, CVE-2019-14134, CVE-2019-14135, CVE-2020-3651(A-148816543 / A-148816872), CVE-2019-2056, CVE-2020-0097, CVE-2020-0098, CVE-2020-0094, CVE-2020-0093, CVE-2020-0100, CVE-2020-0101, CVE-2020-0102, CVE-2020-0109, CVE-2020-0105, CVE-2020-0024, CVE-2020-0092, CVE-2020-0106

19x Moderate security vulnerabilities

CVE-2020-0050, CVE-2020-0085, CVE-2020-0046, CVE-2020-0051, CVE-2020-0048, CVE-2020-0049, CVE-2020-0045, CVE-2020-0055, CVE-2020-0056, CVE-2020-0057, CVE-2020-0058, CVE-2020-0059, CVE-2020-0083, CVE-2020-0060, CVE-2020-0084, CVE-2020-0053, CVE-2020-0054, CVE-2020-0066, CVE-2020-0104

Android Security BulletinMay 2020

Updated AOSP versions 8.0, 8.1, 9, 10 [Oct. 2019 the last update for AOSP versions 7.1.1, 7.1.2]

I wonder what vulnerabilities are on my Galaxy J5 2015 (not updated by Samsung since September 2017)… I guess I will never know :yum:

Are G°°gle Android Security patches of AOSP versions 8.0, 8.1 not applied to /e/ for j5nlte dev (oreo)?

Yes Security patches from Google are applied. But I don’t think it includes things like Bluetooth firmware, WiFi firmware or something like that, when a device like mine isn’t supported by Samsung anymore. I hope I’m wrong though.

No, you’re not wrong about your assumption. When official support for the Samsung device ends, it will no longer receive hardware specific firmware updates. This includes, among other things, the baseband firmware. This also applies to all other smartphone manufacturers. (*). Sustainability isn’t a real issue for manufacturers. They always want to sell only new devices. But this is the same in other branches. There is no such thing as 100% certainty, not even remote certainty.

(*) The life cycle of Wind°ws OS is similar. With the service end of the regular support no more enhancements or improvements of the functionality are provided, but still security patches. The end date for extended support also marks the end of this service (see Wind°ws 7, except for the Windows 7 Extended Security Updates (ESU) for OS from a Volume License Agreement).

1 Like

In June 2020 the vulnerabilities in the Critical and High areas are low compared to the previous months

Samsung SMR-JUNE-2020
Android Security Bulletin — June 2020