logo

Samsung KNOX Kernel UAF Exposes Millions of Galaxy Devices

ID: 95fb05c4-c410-56bf-85be-6dbf7006a7a9

STIX ID: report--95fb05c4-c410-56bf-85be-6dbf7006a7a9

Feed Name: Security Affairs

Threat Score
78/100

Date Published: 2026-06-23

Date Updated: 2026-06-24

Author: Pierluigi Paganini

...
...

The report describes a Samsung KNOX kernel use‑after‑free (CVE-2026-20971) in the PROCA/FIVE interaction that, via a narrow race window, can allow an untrusted app to trigger kernel memory corruption and potentially full device takeover across many Galaxy devices; Samsung released a patch in January 2026 covering affected models on Android 13–16.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.