Samsung S8,S9 hardware vulnerability


I don’t know if Murena team adds security code outside android code but there is an hardware security flaw on Samsung S8,S9.

Samsung has corrected the flaws in Q4 2021.

Best regards

Regain your privacy! Adopt /e/ the unGoogled mobile OS and online servicesphone

Would be nice to have confirmation from Murena that e/os has the fix in their os.

doesn’t it read like Samsung didn’t publish mitigations for S8/S9?

For fixing CVE-2021-25444, Samsung “removed the option to add a custom IV from the API. To patch CVE-2021-25490, the tech giant removed the “legacy key blob implementation” in the latest models S10, S20, and S21, running Android P or later.


I found the original paper.

Looks like lowlevel code not hardware. Since we use Samsung firmware, is it in the firmware ?

there are apparently updates for at least S9 - but samsungs sec page is not helpful in letting me search if the CVEs were adressed for which device, lost my search power then… fyi!

Hallo, weiss jemand, ob ich ein Murena Samsung S8 / S9 kabellos laden kann?