Android devices manufacturers are slowly getting better at getting monthly security patches out in a timely manner despite some of them being quite large, and Samsung has taken to their security blog to give fans a breakdown of what fixes are on board the newest patches going out to Galaxy smartphones, including some of their own additions. In total, this time around, users can expect to see 49 distinct fixes for CVE, or common vulnerability exploits, built into Android. On Samsung's end, they've added in 19 fixes of their own that address issues specific to their own lineup of devices. This is, of course, a breakdown of the general base patch, so devices may get additional fixes catered specifically to exploits or bugs related to their features.
Many of the exploits on show being patched here are common stuff; your average privilege escalation and overflow bugs. The 49 patches from Google all run mostly along this line, with a number of them potentially allowing some really nasty stuff to happen if they go unpatched. In some of the patches, though, things get a little unorthodox and interesting. One example is a bug that lets log files include user data and subsequently get stolen, allowing sensitive data to be leaked. Kernel bypasses that give hackers full system control, camera memory leaks, and API-related crashes are also all on the list.
On the Samsung side of things, we see some really interesting bugs. A GPU driver bug can cause the driver to read and execute out of bounds code that it's pointed to in just the right way, for example. There's also a bug with large manifest files that can be exploited to forcefully factory reset a device; while not exactly dangerous as long as your sensitive data is backed up, this one can be annoying. There's also a bug with log files of certain types being illicitly obtainable, and showing where on the device key files can be found, allowing a script to later be made to fetch them. Many of these vulnerabilities are listed as "privately disclosed", which means that Samsung cannot disclose the technical details because hackers may use that information to take advantage of the exploits while some devices are awaiting the patch.