Baseband updates?

Hey there,

I’m using /e/ since quite some time now on my S9.
What I noticed when updating to the latest OS patch, is that the baseband is not touched at all.

Is there a reason why baseband updates are not included in regular OS updates? It would be great to have them included as it’s a real security concern to stay on outdated baseband versions (e.g. https://techcrunch.com/2019/11/08/android-baseband-flaws/).

Would love to hear some feedback from the support team here.

Cheers guys!

Any updates on this? Do you maybe know something @Manoj ?

Hi @exyna the security patches we apply to our device builds are the standard patches that are released for all android devices by google. Also they get applied towards the mid of each month. If you are aware of any difference in the baseband version on stock ROM / Lineage OS ROM and /e/ ROM on the same OS pl let us know.

Thanks for your answer @Manoj.

I’m well aware that the security patches applied to /e/ os follow the standard patches released by Google in a monthly cycle. This is of.course well practice as one can be sure, that the system itself is always up to date and hardened against vulnerabilites in android itself.

However, if baseband software is not updated, vulnerabilites can still exist in the underlying modem software which still allows an attacker to possibly exploit the android system - even if the system itself has latest patches installed.

As far as I know, when installing or updating /e/, the RADIO (modem) and CP_DEBUG (modem debug) partitions are not touched at all. So basically, the baseband version stays the same at the point when a user switches from stock to a custom ROM and as long as he does not install patches himself.

If you check sammobile or this xda-thread ( https://forum.xda-developers.com/galaxy-s9/how-to/basebands-modems-sm-g960f-g965f-t3858990 ), you will see that new baseband versions are released regulary.

Would it be possible to implement such patches in the offical /e/-builds so that not only advanced users but everyone is able to use a fully secure device?

Yes I’m also interested of the different aspects of security updates, not only the security patch from the AOSP.

Hi @rhunault please check the response from @exyna above reg updates to baseband and other patches separate from the security patch to be added to the builds.

The topic Latest Modem is certainly an interesting one and should not be neglected.

However, only relatively recent models like the Samsung Galaxy S9 will get “regular” modem updates from the manufacturer.

A Galaxy S5 SM-G900F with last StockROM 6.0.1 and update from 2018-03-19 (DBT) for example will not get any modifications from Samsung anymore. With the version CP (Modem) G900FXXU1CQK3 is over. Nevertheless, this phone is and remains a very much appreciated phone for me - especially since it is operated with /e/ 9-Pie.