Download A320FLXXU2CRD4 for SM-A320FL

Brief instructions about Firmware Flashing

– Extract (unzip) the firmware file that you have downloaded.

– Download Odin Flashing Tool.

– Extract Odin ZIP file.

– Open Odin Flashing Tool.

– Reboot your Phone in Download Mode (press and hold Home + Power + Volume Down buttons).

– Connect your phone to the PC and wait until you get a blue sign in Odin.

– Add the firmware file to AP / PDA.

– Make sure re-partition option is not ticked.

– Click the start button, and wait few minutes.

Follow this tutorial for detailed and Step-by-step instructions.

Along with Google patches, Samsung Mobile provides 8 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Apr-2018 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.

SVE-2017-10638: Information disclosure on Trustlet

Severity: Low
Affected versions: M(6.x) on Exynos and Qualcomm chipsets
Reported on: Sept 29, 2017
Disclosure status: Publicly disclosed.
A session information of Trustlet remains in the debug log.
The patch removed the information from the debug log.

SVE-2017-10886: Code Execution in Call+

Severity: High
Affected versions: N(7.x), O(8.x)
Reported on: November 2, 2017
Disclosure status: Privately disclosed.
There is a vulnerable implementation in Call+ application which can load classes from specific path.
The applied patch removed unused vulnerable implementation.

SVE-2017-10897: NFC activated by magnet

Severity: Low
Affected versions: N(7.0)
Reported on: September 14, 2017
Disclosure status: Privately disclosed.
The vulnerability allows NFC activation to bypass lockscreen when a magnet is close to a specific point of device.
The patch disabled NFC activation in such event.

SVE-2017-10987: Information disclosure on Secure Driver

Severity: Moderate
Affected versions: N(7.x) on Exynos8890/8895 models
Reported on: September 29, 2017
Disclosure status: Publicly disclosed
The secure driver doesn’t check a modified trustlet which can cause to expose KASLR offset, resulting in possible information disclosure.
The patch limited an unauthorized access based on the whitelist to prevent illegal use.

SVE-2017-11107: Clipboard contents disclosure

Severity: High
Affected versions: M(6.0), N(7.x), O(8.x)
Reported on: October 24, 2017
Disclosure status: Privately disclosed.
The vulnerability leaks the clipboard contents via keyboard in emergency call when the screen is locked.
The applied patch removed clipboard button in the keyboard when then screen is locked.

SVE-2018-11463: Buffer Overflow in OMACP WbXml String Extension Processing

Severity: Moderate
Affected versions: M(6.0), N(7.x)
Reported on: February 22, 2018
Disclosure status: Privately disclosed.
A malformed OMACP WAP push message can cause integer overflow and memory corruption when processing the string extension portion of the WbXml payload.
The patch confirmed the range of integer and discarded the malformed OMACP message.

SVE-2018-11469: Placing video calls, running SS and USSD codes without permissions

Severity: Moderate
Affected versions: M(6.0), N(7.x), O(8.0)
Reported on: February 22, 2018
Disclosure status: Privately disclosed.
There is an unprotected component in Contacts application which can place video call, and run SS(Supplementary Service) and USSD(Unstructured Supplementary Service Data) codes without permission.
The applied patch protected the component.

Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.

See Full details about April, 2018 Security Patch Update here.