Samsung has outed the contents of its May 2017 Android security patch that will be pushed out to Samsung devices in the near future, and on top of the latest Android Security Update from Google that ships with 54 fixes, the software package also contains 11 Galaxy-specific vulnerability fixes. On Google’s side, the May patch is quite large, and is mostly made up of fixes to core Android components like the Mediaserver and Framework. On Samsung’s side, the fixes are mostly patch-ups for exploits that can be used to attack a device. The exploits are all privately disclosed for now, withholding key details of how they work to keep them from being exploited before the patch is fully distributed.
The fixes that Samsung did disclose include a vulnerability that allows a hacker to use a reboot system call to crash a phone, system crash vulnerabilities related to Wi-Fi, holes in Java handling that enables local denial of service attacks, a bug that allowed hackers to disable the location service of locked phones to avoid being tracked down with stolen goods, and a bug in the “tima” service that could lead to a kernel panic if exploited. Outside of Samsung’s own people, the company gave special thanks to qihoo360’s Vulpecker Team, Kryptowire’s Ryan Johnson, and Angelos Stavrou, as well as a private security researcher known only as “Zane”.
April’s security patch from Samsung was a bit larger in scale, including 19 fixes of their own on top of Google’s April patch. A number of notable bugs was eliminated with that update, including GPU driver issues for certain devices, a bug that could be exploited to cause a device to go into a factory reset, and a particularly troublesome permission bug that could leak a user’s system log files to a hacker and make it easier for them to steal critical data. As with all Samsung-made patches, this is only the base level of the patch being detailed out, and some devices will get specific fixes as the patch starts rolling out. Some glitches that are privately disclosed may end up being fully disclosed, and some bugs that are confidential for the time being could come to light at a later date.