Connect with us

Samsung

Samsung January 2025 Security Patch Details Released – Android CVEs, One UI SVEs

Published

on

Samsung January 2025 Security patch details

Year 2025 has started, and Samsung has released the details of its first security patch for January for Galaxy devices. It brings important fixes to improve security and stability for a better user experience.

January 2025 security update includes over 50 vulnerability fixes, with patches from both Google and Samsung. Google addresses 5 critical and 24 high-level CVEs (Common Vulnerabilities and Exposures), while 1 CVE was already covered in previous updates. Notably, 2 CVEs are not applicable to Samsung devices.

Moreover, Samsung adds its own fixes to the update, including 22 Samsung Vulnerabilities and Exposures (SVE) items. These primarily address issues with Samsung’s Sound Picker, Samsung Messages, Notification Manager, and Bootloader.

The Galaxy S24 becomes the first Samsung series to receive the January 2025 security update. The company will expand this update to more Galaxy devices in the coming days. Until then, you can check the full details of the January 2025 security patch below.

Samsung January 2025 Security patch details

Android Patch Details

Critical

  • CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747, CVE-2024-49748

High

  • CVE-2024-43077, CVE-2024-43701, CVE-2024-33056, CVE-2024-33044, CVE-2024-43052, CVE-2022-42545, CVE-2024-49732, CVE-2024-49735, CVE-2024-49737, CVE-2024-49738, CVE-2024-49744, CVE-2024-49745, CVE-2023-40108, CVE-2024-49733, CVE-2023-40132, CVE-2024-49749, CVE-2024-34722, CVE-2024-34730, CVE-2024-43095, CVE-2024-43765, CVE-2024-49742, CVE-2024-49734, CVE-2024-43763, CVE-2024-49736

Moderate

  • None

Already included in previous updates

  • CVE-2024-20125

Not applicable to Samsung devices

  • CVE-2024-43048, CVE-2024-33063

One UI Patch Details

  • SVE-2024-0274(CVE-2025-20881): Out-of-bounds write in libsthmbc.so
  • SVE-2024-0308(CVE-2025-20882): Out-of-bounds write in libsthmbc.so
  • SVE-2024-1217(CVE-2025-20883): Improper access control in SoundPicker
  • SVE-2024-1527(CVE-2025-20884): Improper access control in Samsung Message
  • SVE-2024-1828(CVE-2025-20885): Out-of-bounds write in softsim TA
  • SVE-2024-1834(CVE-2025-20886): Inclusion of sensitive information in test code in softsim TA
  • SVE-2024-1875(CVE-2025-20893): Improper access control in NotificationManager
  • SVE-2024-2153(CVE-2025-20887): Out-of-bounds read in libsthmbc.so
  • SVE-2024-2154(CVE-2025-20888): Out-of-bounds write in libsthmbc.so
  • SVE-2024-2156(CVE-2025-20889): Out-of-bounds read in libsthmbc.so
  • SVE-2024-2157(CVE-2025-20890): Out-of-bounds write in libsthmbc.so
  • SVE-2024-2158(CVE-2025-20891): Out-of-bounds read in libsthmbc.so
  • SVE-2024-2171(CVE-2025-20892): Protection Mechanism Failure in bootloader

Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.

Hey, Camila is here! From the very beginning, I love using Samsung phones like a die-hard fan. Apart from detailing One UI features for readers, I love exploring different apps of the Samsung ecosystem with a cup of tea!