Updates
Samsung October 2021 Security Patch details are here!

As usual, Samsung has already started distributing the October 2021 security patch to its Galaxy devices. The company has now released the details of this latest security update, which lists fixes for dozens of CVEs and SVEs from Google and Samsung.
According to Samsung, its October 2021 security patch brings fixes for 6 critical-level CVEs, namely CVE-2021-1886, CVE-2021-1889, CVE-2021-1888, CVE-2021-1890, CVE-2021-1933, and CVE-2021-1946. It also includes fixes for 24 high-level and 12 moderate-level CVEs from Google.
At the moment, Samsung Mobile is rolling out a maintenance release for major flagship models as part of the monthly Security Maintenance Release (SMR) process. This Security Maintenance Release package includes patches from both Google and Samsung.
Samsung October 2021 security patch contains the following CVE items:
Critical
- CVE-2021-1886, CVE-2021-1889, CVE-2021-1888, CVE-2021-1890, CVE-2021-1933, CVE-2021-1946
High
- CVE-2021-1923, CVE-2021-1909, CVE-2021-1935, CVE-2021-1952, CVE-2021-1934, CVE-2021-30290, CVE-2021-30294, CVE-2021-30295, CVE-2021-0695, CVE-2021-1948, CVE-2021-1941, CVE-2021-1974, CVE-2021-1971, CVE-2020-26558, CVE-2021-0703, CVE-2021-0652, CVE-2021-0705, CVE-2021-0708, CVE-2020-15358, CVE-2021-0702, CVE-2021-0651, CVE-2021-0483, CVE-2021-0643, CVE-2021-0706
Moderate
- CVE-2021-0534, CVE-2021-0568, CVE-2021-0554, CVE-2021-0563, CVE-2021-0535, CVE-2021-0543, CVE-2021-0544, CVE-2021-0545, CVE-2021-0546, CVE-2021-0541, CVE-2021-0542, CVE-2021-0551
Already included in previous updates
- CVE-2021-0571
Not applicable to Samsung devices
- CVE-2021-0681, CVE-2021-0680, CVE-2021-0636, CVE-2021-0635, CVE-2021-0540
In addition to the Google patches, Samsung also provides SVE (Samsung Vulnerabilities and Exposures) items, some of them described below.
SVE-2021-22636 (CVE-2021-25485): Path traversal vulnerability in FactoryAirCommandManager
Severity: High
Affected versions: Q(10.0), R(11.0)
Reported on: July 14, 2021
Disclosure status: Privately disclosed.
Path traversal vulnerability in FactoryAirCommandManager prior to SMR Oct-2021 Release 1 allows attackers to write files as system UID via BT remote socket.
The patch fixes incorrect implementation of file path validation check logic.
SVE-2021-22658 (CVE-2021-25490): Downgrade attack in Keymaster TA
Severity: High
Affected versions: P(9.0), Q(10.0), R(11.0)
Reported on: July 16, 2021
Disclosure status: Privately disclosed.
A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows an attacker with a privileged process to trigger an IV reuse vulnerability.
The patch removes the legacy implementation for minor keyblob.
SVE-2021-21621 (CVE-2021-25491): Memory corruption vulnerabilities in kernel driver
Severity: Low
Affected versions: Selected P(9.0), Q(10.0), R(11.0) Exynos devices
Reported on: April 27, 2021
Disclosure status: Privately disclosed.
A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference.
The patch adds proper validation logic to prevent null pointer dereference.
SVE-2021-22558 (CVE-2021-25472): Improper access control in BluetoothSettingsProvider
Severity: Moderate
Affected versions: O(8.1), P(9.0), Q(10.0), R(11.0)
Reported on: July 7, 2021
Disclosure status: Privately disclosed.
An improper access control vulnerability in BluetoothSettingsProvider prior to SMR Oct-2021 Release 1 allows untrusted application to overwrite some Bluetooth information.
The patch adds the proper permission check to prevent improper access to BluetoothSettingsProvider.
SVE-2021-21958 (CVE-2021-25467): Kernel Local Privilege Escalation in the Vision DSP Kernel Driver
Severity: Moderate
Affected versions: R(11.0) devices with Exynos 980, 9830, 2100
Reported on: May 25, 2021
Disclosure status: Privately disclosed.
Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allow privilege escalation to root by hijacking a loaded library.
The patch adds proper boundary check to prevent buffer overflow.
SVE-2021-21904 (CVE-2021-25468): Arbitrary read in the Widevine TA
Severity: High
Affected versions: Select Q(10.0), R(11.0) devices with Exynos chipsets
Reported on: June 2, 2021
Disclosure status: Privately disclosed.
A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address.
The patch adds the proper validation logic to prevent guessing a byte memory.
SVE-2021-21905 (CVE-2021-25469): Stack-based buffer overflow in the Widevine TA
Severity: High
Affected versions: Select Q(10.0), R(11.0) devices with Exynos chipsets
Reported on: June 2, 2021
Disclosure status: Privately disclosed.
A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution.
The patch adds proper boundary check and input validation to prevent buffer overflow.
SVE-2021-22065 (CVE-2021-25470): TEE can be compromised through the Widevine TA
Severity: Critical
Affected versions: Select P(9.0), Q(10.0), R(11.0) devices with Exynos and Mediatek chipsets
Reported on: June 2, 2021
Disclosure status: Privately disclosed.
An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE.
The patch addresses the caller check logic to prevent illegal use of SMC call.
SVE-2021-21906 (CVE-2021-25476): Pointer leak in Widevine TA
Severity: Moderate
Affected versions: Select Q(10.0), R(11.0) devices with Exynos chipsets
Reported on: May 20, 2021
Disclosure status: Privately disclosed.
An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE.
The patch fixes the problematic code.
SVE-2021-22327 (CVE-2021-25471): Possible replay attack before attach procedure completion
Severity: Moderate
Affected versions: O(8.1), P(9.0), Q(10.0) devices with Exynos CP chipsets
Reported on: June 27, 2021
Disclosure status: Privately disclosed.
A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion.
The patch prevents replay attack by using NAS count.
SVE-2021-22412 (CVE-2021-25483): OOB read in libsflvextractor library
Severity: Low
Affected versions: O(8.1), P(9.0), Q(10.0), R(11.0)
Reported on: July 2, 2021
Disclosure status: Privately disclosed.
Lack of boundary checking of a buffer in libsflvextractor library prior to SMR Oct-2021 Release 1 allows OOB read.
The patch adds proper boundary check to prevent out of bounds read.
SVE-2021-22215 (CVE-2021-25484): Unauthorized access in InputManagerService
Severity: Moderate
Affected versions: O(8.1 go), Q(10.0 go), R(11.0 go)
Reported on: June 14, 2021
Disclosure status: Privately disclosed.
Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event.
The patch adds proper permission check logic in Android GO branches.
SVE-2021-22360 (CVE-2021-25473): Local permanent denial of service in SystemUI
Severity: Moderate
Affected versions: R(11.0)
Reported on: June 28, 2021
Disclosure status: Privately disclosed.
Assuming a shell privilege is gained, improper exception handling for the multi_sim_bar_hide_by_meadia_full value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service on the user's device until a factory reset.
The patch adds proper exception handling to prevent crash.
SVE-2021-22361 (CVE-2021-25474): Local permanent denial of service in SystemUI
Severity: Moderate
Affected versions: Q(10.0), R(11.0)
Reported on: June 28, 2021
Disclosure status: Privately disclosed.
Assuming a shell privilege is gained, improper exception handling for the multi_sim_bar_show_on_qspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service on the user's device until a factory reset.
The patch adds proper exception handling to prevent crash.
SVE-2021-20329 (CVE-2021-25486): Exposure of information vulnerability in ipcdump
Severity: Low
Affected versions: O(8.1), P(9.0), Q(10.0), R(11.0)
Reported on: January 16, 2021
Disclosure status: Privately disclosed.
Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 Release 1 allows an attacker to detect device information by analyzing packets in the log.
The patch enforces access control of ipcdump.
SVE-2021-21957 (CVE-2021-25475): Kernel Local Privilege Escalation in the Vision DSP Kernel Driver
Severity: Moderate
Affected versions: Q(10.0), R(11.0) devices with Exynos 980, 9830, 2100 chipsets
Reported on: May 25, 2021
Disclosure status: Privately disclosed.
A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
The patch adds proper boundary check to prevent buffer overflow.
SVE-2021-22199 (CVE-2021-25477): Baseband MCCH Double Free
Severity: High
Affected versions: Select P(9.0), Q(10.0), R(11.0) devices with MT6765, MT6853, MT6762 chipsets
Reported on: June 11, 2021
Disclosure status: Privately disclosed.
An improper error handling in Mediatek RRC Protocol stack prior to SMR Oct-2021 Release 1 allows modem crash and remote denial of service.
The patch fixes the problematic code.
SVE-2021-22665 (CVE-2021-25487): Arbitrary code execution via OOB read in modem interface driver
Severity: Moderate
Affected versions: O(8.1), P(9.0), Q(10.0), R(11.0) Exynos devices
Reported on: July 16, 2021
Disclosure status: Privately disclosed.
Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows an OOB read that results in arbitrary code execution through dereference of an invalid function pointer.
The patch adds proper boundary check to prevent out of bounds read.
SVE-2021-22666 (CVE-2021-25488): OOB read in modem interface driver
Severity: Moderate
Affected versions: O(8.1), P(9.0), Q(10.0), R(11.0) Exynos devices
Reported on: July 16, 2021
Disclosure status: Privately disclosed.
Lack of boundary checking of a buffer in recv_data() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read.
The patch adds proper boundary check to prevent out of bounds read.
SVE-2021-22051 (CVE-2021-25478): LTE RRC Connection Reconfiguration Stack Buffer Overflow
Severity: Critical
Affected versions: Select O(8.1), P(9.0), Q(10.0), R(11.0) devices with Exynos chipsets
Reported on: June 1, 2021
Disclosure status: Privately disclosed.
A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
The patch adds proper boundary check to prevent buffer overflow.
SVE-2021-22079 (CVE-2021-25479): LTE RRC Reconfiguration Heap-based Buffer Overflow
Severity: Critical
Affected versions: Select O(8.1), P(9.0), Q(10.0), R(11.0) devices with Exynos chipsets
Reported on: June 3, 2021
Disclosure status: Privately disclosed.
A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
The patch adds proper boundary check to prevent buffer overflow.
SVE-2021-22324 (CVE-2021-25480): Replayed GUTI REALLOCATION COMMAND accepted after SECURITY MODE COMMAND
Severity: High
Affected versions: O(8.x), P(9.0), Q(10.0), R(11.0) devices with Qualcomm chipsets
Reported on: June 27, 2021
Disclosure status: Privately disclosed.
A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection.
The patch adds proper check when a GUTI REALLOCATION COMMAND message is being reused.
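The two NAS replay items above (SVE-2021-22327 and SVE-2021-22324) share one root cause: a receiver that accepts a protected message it has already seen. The following added example is not Samsung's or Qualcomm's code; it shows how binding the NAS COUNT into the integrity check makes a replayed SECURITY MODE COMMAND or GUTI REALLOCATION COMMAND fail. It assumes HMAC-SHA256 truncated to 32 bits as a stand-in for the 3GPP integrity algorithm, and all class and function names are hypothetical.

```python
import hashlib
import hmac
import struct

MAC_LEN = 4    # NAS-MAC is 32 bits
DOWNLINK = 1   # direction input to the MAC (network to UE)

def nas_mac(key: bytes, count: int, payload: bytes) -> bytes:
    # Stand-in for EIA (assumption): HMAC-SHA256 over COUNT || DIRECTION || message.
    data = struct.pack(">IB", count, DOWNLINK) + payload
    return hmac.new(key, data, hashlib.sha256).digest()[:MAC_LEN]

def protect(key: bytes, count: int, payload: bytes) -> bytes:
    # Sender side: only the low 8 bits of COUNT (the sequence number) go on the wire.
    return nas_mac(key, count, payload) + bytes([count & 0xFF]) + payload

class NaiveReceiver:
    """Weak form: trusts the wire sequence number and keeps no state."""
    def __init__(self, key: bytes):
        self.key = key

    def receive(self, frame: bytes):
        if len(frame) < MAC_LEN + 1:
            return None
        mac, sn, payload = frame[:MAC_LEN], frame[MAC_LEN], frame[MAC_LEN + 1:]
        ok = hmac.compare_digest(mac, nas_mac(self.key, sn, payload))
        return payload if ok else None   # a replayed frame verifies again

class CountingReceiver:
    """Hardened form: the MAC is checked against the next expected COUNT."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_count = -1             # nothing accepted yet

    def _estimate_count(self, sn: int) -> int:
        # Smallest COUNT above the last accepted one whose low byte equals sn.
        nxt = self.last_count + 1
        candidate = (nxt & ~0xFF) | sn
        return candidate if candidate >= nxt else candidate + 0x100

    def receive(self, frame: bytes):
        if len(frame) < MAC_LEN + 1:
            return None
        mac, sn, payload = frame[:MAC_LEN], frame[MAC_LEN], frame[MAC_LEN + 1:]
        count = self._estimate_count(sn)
        if not hmac.compare_digest(mac, nas_mac(self.key, count, payload)):
            return None                  # forged, or an old COUNT being replayed
        self.last_count = count          # advance only after a valid MAC
        return payload

def demo():
    key = bytes(range(16))               # constructed test key
    smc = protect(key, 0, b"SECURITY MODE COMMAND")
    guti = protect(key, 1, b"GUTI REALLOCATION COMMAND")
    results = {}
    for name, rx in (("naive", NaiveReceiver(key)), ("counting", CountingReceiver(key))):
        first = [rx.receive(smc), rx.receive(guti)]
        replayed = [rx.receive(guti), rx.receive(smc)]
        results[name] = (first, replayed)
    return results

if __name__ == "__main__":
    for name, (first, replayed) in demo().items():
        print(name, "first:", first, "replayed:", replayed)
```

Because the receiver advances its COUNT only after a valid MAC, a captured frame is checked against a COUNT it was never computed for and is dropped without any separate replay cache.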
SVE-2021-22403 (CVE-2021-25481): Baseband secure range can be disabled through an IOCTL
Severity: Moderate
Affected versions: Select O(8.1), P(9.0), Q(10.0), R(11.0) devices with Exynos chipsets
Reported on: July 1, 2021
Disclosure status: Privately disclosed.
An improper error handling in Exynos CP booting driver prior to SMR Oct-2021 Release 1 allows local attackers to bypass a Secure Memory Protector of Exynos CP Memory.
The patch fixes the problematic code.
SVE-2021-22563 (CVE-2021-25482): Multiple SQL Injection vulnerabilities in privileged content provider ‘com.samsung.android.cmfa.framework.provider.CmfaProvider’
Severity: Moderate
Affected versions: R(11.0)
Reported on: July 7, 2021
Disclosure status: Privately disclosed.
SQL injection vulnerabilities in CMFA framework prior to SMR Oct-2021 Release 1 allow untrusted application to overwrite some CMFA framework information.
The patch adds proper access control for the CMFA Provider in CMFA framework.
SVE-2021-22667 (CVE-2021-25489): Format string bug in modem interface driver
Severity: Low
Affected versions: O(8.1), P(9.0), Q(10.0), R(11.0) Exynos devices
Reported on: July 16, 2021
Disclosure status: Privately disclosed.
Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.
The patch addressed the issue.
Some SVE items included in the Samsung October 2021 Android Security Patch Update cannot be disclosed at this time.
Samsung Galaxy Z Flip 5, Fold 5 start receiving February 2025 security update [Verizon US]

Samsung Galaxy Z Flip 5 and Galaxy Z Fold 5 users are getting a new update with the February 2025 security patch. The update is rolling out for locked models on Verizon network carrier in the US and the company will expand it to more countries soon.
The new software update is based on Android 14 and One UI 6.1.1. While these devices are eligible for the Android 15-based One UI 7 update, Samsung has not yet started the One UI 7 rollout for older devices. Even Galaxy S24 beta testers are still waiting for the stable update.
At present, the February 2025 security update is available for the Samsung Galaxy Z Fold 5 and Galaxy Z Flip 5 users in the US. They can be identified via One UI versions F946USQS5DYA5 and F731USQS5DYA5 respectively.
Samsung’s latest security patch fixes one critical and 34 high-level CVEs for Android, with 2 CVEs not relevant to Galaxy devices. The update also includes 7 SVE items to improve user experience, addressing issues in the Samsung Find app, Android settings, and more.
Moreover, this update improves the security and stability for a better user experience. Also, it enhances some features for smoother performance of your device.
To check for software updates manually, head toward your phone’s Settings. At the bottom, you will get the Software Update section, simply open it. Inside the submenu, you need to hit the Download and Install button if your Galaxy fetches a new OTA.
Samsung Galaxy A34 grabs February 2025 One UI security update

Ahead of many latest Galaxy A series phones, Samsung has started rolling out the February 2025 security update for the Galaxy A34 smartphone. The update is currently available for users in Europe and the company will expand it soon.
February 2025 security update for Samsung Galaxy A34 smartphone arrives with One UI build version A346NKSS9CYA2. Users will have to download a 325MB package to install the update.
The Galaxy A34 smartphone is currently running Android 14-based One UI 6.1 and it is eligible for One UI 7 update too. Samsung has already launched the stable One UI 7 update for the Galaxy S25 series, and it’s expected to be available for the Galaxy A34 soon after the latest flagship devices receive it.
The new update enhances security and stability by fixing a number of issues. Notably, the February 2025 security patch fixes 1 critical and 34 high-level CVEs for the Android operating system. However, 2 CVEs are not relevant to Galaxy devices. Samsung also offers 7 SVE items related to the Samsung Find app, Android Application Component in Setting, and more.
Users can check for new software updates manually in a few simple steps. First, open your Galaxy device’s “System Settings,” then scroll down and tap the “Software update” tab, followed by the “Download and install” button. This is an initial rollout, so it may take some hours or days to reach all models.
Samsung refines One UI 7 on Galaxy S25 with February 2025 SMR in the US – Verizon, T-Mobile

Samsung Galaxy S25 series has started getting the February 2025 security update in the US. Initially released in South Korea, the latest firmware update is now expanding to Verizon and T-Mobile carrier’s locked models nationwide.
As per Verizon, the Galaxy S25 lineup’s February 2025 update will gradually be available in the US. The SMR contains performance improvements and the most up-to-date Android (CVE) as well as One UI (SVE) security patches.
The release notes mention performance improvements. This indicates that Samsung has made some enhancements to the official One UI 7 version. Fixes for camera nightography related issues may also be included in the SMR.
Seamless Update
The Galaxy S25 series comes with Seamless Updates functionality. This unsung upgrade significantly reduces the downtime of software installation. The OTA will be applied with just a device restart, within seconds.
Software Update Info
Eligible Devices:
- Galaxy S25, S25+ and S25 Ultra
Availability:
- Carrier-locked models at T-Mobile & Verizon
Build Versions:
- S931USQU1AYB3 – Galaxy S25
- S931USQU1AYB3 – Galaxy S25+
- S931USQU1AYB3 – Galaxy S25 Ultra
What the changelog reads:
- The current software update provides performance improvements and the most up-to-date Android security patches on your device.
How to download:
- Settings > Software Update > Download and install
Notably, it’s the first software update rolling out for the Galaxy S25 series, following their release on February 7. Samsung’s new flagships with upgraded capabilities have earned tremendous consumer response in various parts of the world.
Samsung is still working to elevate One UI 7 experiences on the Galaxy S25 models. The software is launched as Stable but the full potential has yet to be offered. The perfect version is expected to be available by the end of March this year.
Samsung updates Galaxy S23 FE, Fold 4 and Flip 4 with February 2025 security patch as One UI 7 reportedly months away

Samsung is pushing the February 2025 security update for Galaxy S23 FE, Galaxy Z Fold 4, and Galaxy Z Flip 4 smartphones. The update installs the Android security patch to improve the system’s security and stability for a better Galaxy experience.
The latest security patch resolves over 40 issues to provide a smoother experience. It addresses specific issues such as those with the Samsung Find app and Android Application Component settings, ensuring a more seamless and secure user experience.
February 2025 security update is available for Samsung Galaxy S23 FE, Galaxy Z Fold 4, and Galaxy Z Flip 4 smartphones in Korea. The company will expand it to more countries soon. You can check the latest software through the One UI builds below.
- Galaxy S23 FE – S711NKSS5BYB1
- Galaxy Z Fold 4 – F936NKSS5GYA5
- Galaxy Z Flip 4 – F721NKSS5GYA5
Users of these Galaxy devices can install the latest security patch through Settings >> Software Updates >> Download and install. If you have received the update, install it now to make your device ready for future updates.
The Galaxy S23 FE, Galaxy Z Fold 4, and Galaxy Z Flip 4 smartphones are eligible for the One UI 7 update. However, Galaxy S24 users are also still waiting for the stable One UI 7 update. Meanwhile, a recent report indicated that Samsung might release more beta updates ahead of the stable version. The final Beta is expected to be released in April 2025, after which Beta participants would move to a Stable build.
US Galaxy Z Flip 6, Fold 6 users waiting for One UI 7 get February 2025 update

Samsung has been preparing for the rollout of One UI 7 on Galaxy devices following its official release with the Galaxy S25 series launch. However, a recent report suggested that the launch has been delayed, as the company plans to release a fourth beta update. In the meantime, users of the Samsung Galaxy Z Flip 6 and Galaxy Z Fold 6 in the US have started receiving the February 2025 security update.
The fresh update improves the security and stability to provide a better Galaxy experience. It also enhances some functions for smoother performance.
Moreover, the latest security patch fixes one critical and 34 high-level CVEs for Android, with two CVEs not relevant to Galaxy devices. The update also includes 7 SVE items to improve user experience, addressing issues in the Samsung Find app, Android settings, and more.
February 2025 security update is currently available for Samsung Galaxy Z Fold 6 and Galaxy Z Flip 6 users on the Verizon network carrier in the US. This update is already out for users in Korea and the company will expand to more countries.
Users can identify the latest update via the One UI build version given below.
- Galaxy Z Flip 6 – F741USQS2AYA5
- Galaxy Z Fold 6 – F956USQS2AYA5
Users are advised to install the update promptly to benefit from the improved security measures. For those who have not received an update notification, the update can be manually checked and installed.
To install the update, open the smartphone’s settings, select ‘Software Update’, and then ‘Download and install’. Following these steps will ensure that your Galaxy smartphone is up-to-date with the latest security protections.