New warning hits millions of Samsung Galaxy users
Samsung’s latest security update, released earlier this month, suddenly has a sting in its tail. Google has just warned that a high-severity vulnerability impacting Samsung’s mobile processors has been exploited in the wild.
Samsung describes CVE-2024-44068 as “a use-after-free in the mobile processor,” which it says “leads to privilege escalation.” This means memory access isn’t shut down properly after a process concludes and can be accessed remotely. According to Google’s Xingyu Jin and Clement Lecigene, this is now “part of an exploit chain.”
While it doesn’t open devices to attack on its own, it has been combined with other vulnerabilities to enable arbitrary code to be executed on phones. “This 0-day exploit is part of an EoP chain,” the researchers report. “The actor is able to execute arbitrary code in a privileged cameraserver process.”
The vulnerability affects a driver handling media acceleration on devices, which is interesting given Samsung also addressed five critical vulnerabilities in its October release affecting a Galaxy-specific process in its own Galaxy-specific firmware, that also impacted media processing on a device—this time compressed video handling.
While its unclear what exploit has been found and in whose hands, it’s quite likely spyware-related given the raft of such attacks outed by researchers in recent months.
This is already a tricky week for the Samsung-Google relationship—at least optically. As millions of Pixel devices install Android 15 with its heralded security updates, Samsung is running late and won’t see its own Android 15 upgrade until 2025, at around the same time as the Galaxy S25 Series is launched.
It’s not all smooth running for Pixels, as bricked devices and other teething issues have hit some of those upgrading, but the new software has been largely welcomed, especially given its innovative security and privacy updates.
For Samsung Galaxy users, the advice is to update as soon as possible, albeit the Exynos processors involved (9820, 9825, 980, 990, 850, W920) impact older devices which won’t all have monthly support in place. That might be a reason to upgrade.