Key Details

• CVE ID: CVE-2024-49415
• Severity: Critical rated by Samsung
• Affected Components: Monkey's Audio (APE) decoder, specifically the libsaped.so library
• Impacted Devices: Samsung Galaxy S23, S24, and potentially other models
• Vulnerability Type: Out-of-bounds write

The vulnerability stems from an out-of-bounds write issue in the saped_rec function within the libsaped.so library. This function writes to a DMA buffer allocated by the C2 media service, which has a fixed size of 0x120000 bytes. However, specially crafted APE files with large blocksperframe sizes can cause substantial buffer overflow.

Exploitation Scenario:
The vulnerability is especially concerning because it can be triggered remotely via Rich Communication Services (RCS) messaging, which is enabled by default on Samsung S24 devices. This allows attackers to exploit the vulnerability without any user interaction, increasing the likelihood of successful exploitation.

Affected Versions:

• Samsung S24 (all models and versions)
• Samsung S23 and other Samsung models (potentially affected)
  
   
• Refer below website for more details about security updates
• https://security.samsungmobile.com/securityUpdate.smsb