CVE-2024-20842

Vulnerability

An improper input validation vulnerability exists in the APDU handling routine of libsec-ril on Samsung mobile devices. Prior to SMR Apr-2024 Release 1, the component fails to properly validate input data when processing Application Protocol Data Units (APDUs), allowing an attacker to write out-of-bounds memory. Affected versions include all Samsung firmware releases before the April 2024 security update.

Exploitation

Exploitation requires local privileged access to the device. An attacker must have the ability to send crafted APDU commands to the libsec-ril component, which typically requires elevated privileges (e.g., system or root). The attacker can then trigger the out-of-bounds write by providing specially crafted input that bypasses the missing validation checks.

Impact

Successful exploitation results in an out-of-bounds memory write within the libsec-ril process. This can lead to memory corruption, potentially enabling arbitrary code execution at the privilege level of the RIL (Radio Interface Layer) service. The impact may include full compromise of the device's telephony stack and sensitive data exposure.

Mitigation

The vulnerability is fixed in Samsung's SMR (Security Maintenance Release) for April 2024, released on 2024-04-01 [1]. Users should update their devices to the latest firmware version via the Samsung Software Update mechanism. No workaround is available for unpatched devices. The issue is not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog.