Samsung SMR Nov-2025 安全补丁公告 (含 CVE-2024-1836 等漏洞详情)

关键漏洞信息 SMR-NOV-2025 Google Patches Critical: CVE-2021-48593, CVE-2021-34757 High: CVE-2021-48681, CVE-2021-48583, CVE-2021-48588, CVE-2021-48589, CVE-2021-48604, CVE-2021-48596, CVE-2021-48607, CVE-2021-48609, CVE-2021-48590, CVE-2021-48603, CVE-2021-48582, CVE-2021-48575, CVE-2021-48595, CVE-2021-48598, CVE-2021-48599, CVE-2021-48612, CVE-2021-48600, CVE-2021-4860A, CVE-2021-4870A, CVE-2021-41700, CVE-2021-48580 Moderate: None Samsung Semiconductor Patch High: CVE-2021-54371, CVE-2021-57910, CVE-2021-54602, CVE-2021-54601, CVE-2021-54335, CVE-2021-52909, CVE-2021-53966, CVE-2021-49495, CVE-2021-52908, CVE-2024-54746, CVE-2021-27614 Samsung Vulnerabilities and Exposures (SVE) Items CVE-2024-1836 (SVE-2025-21071): Out-of-bounds write in handling opcode in fingerprint trustlet - Severity: High - Affected versions: Android 13, 14, 15, 16 - Reported on: September 19, 2023 - Disclosure status: Privately disclosed - Description: Out-of-bounds writes in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. CVE-2025-6062 (CVE-2025-21073): Insecure default configuration in USB connection mode - Severity: Moderate - Affected versions: Android 13, 14, 15, 16 - Reported on: April 16, 2023 - Disclosure status: Privately disclosed - Description: Insecure default configuration in USB connection mode prior to SMR Nov-2025 Release 1 allows privileged physical attackers to access user data. User interaction is required for exploitation of this vulnerability. CVE-2025-1898 (CVE-2025-21074): Out-of-bounds read in libimagecodec.quram.so - Severity: High - Affected versions: Android 13, 14, 15, 16 - Reported on: September 5, 2023 - Disclosure status: Privately disclosed - Description: Out-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory. CVE-2025-1957 (CVE-2025-21075): Out-of-bounds write in libimagecodec.quram.so - Severity: High - Affected versions: Android 13, 14, 15, 16 - Reported on: September 15, 2023 - Disclosure status: Privately disclosed - Description: Out-of-bounds write in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory. ``` 这些信息涵盖了关键的漏洞类型、严重程度、受影响的Android版本以及报告和披露日期，有助于理解此次安全更新的主要内容和影响范围。

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

Samsung SMR Nov-2025 安全补丁公告 (含 CVE-2024-1836 等漏洞详情)

目标达成感谢每一位支持者 — 我们达成了 100% 目标！