Samsung KNOX Kernel UAF Exposes Millions of Galaxy Devices
ID: 95fb05c4-c410-56bf-85be-6dbf7006a7a9
STIX ID: report--95fb05c4-c410-56bf-85be-6dbf7006a7a9
Feed Name: Security Affairs
Threat Score
The report describes a Samsung KNOX kernel use‑after‑free (CVE-2026-20971) in the PROCA/FIVE interaction that, via a narrow race window, can allow an untrusted app to trigger kernel memory corruption and potentially full device takeover across many Galaxy devices; Samsung released a patch in January 2026 covering affected models on Android 13–16.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
