Samsung maintains its commitment to the safety of its users in 2025 by releasing the first security patch for the month of January. The new update brings important fixes designed to improve system stability and provide an optimized experience for all Galaxy smartphone owners.
Samsung says that this January 2025 security patch includes over 50 vulnerability fixes. The update integrates both patches provided by Google and solutions developed in-house by Samsung. Google addresses 5 critical CVEs (Common Vulnerabilities and Exposures) and 24 CVEs considered high level, while another vulnerability has already been resolved in previous updates.
Note that 2 of these CVEs do not affect Samsung devices, so no additional corrections from the company were necessary. In addition, Samsung added its own fixes, including 22 Samsung Vulnerabilities and Exposures (SVE) articles.
These improvements mainly focus on specific functions and services, such as Sound Picker, Samsung Messages, Notification Manager and even the Samsung Bootloader, ensuring more advanced protection and improved performance for users.
Samsung Announces CRITICAL Updates for Millions of Phones Worldwide
The Samsung Galaxy S24, Samsung's current flagship series, is the first device to receive the January 2025 security update. However, the company has announced that it will gradually expand the availability of the patch to more Galaxy smartphones and tablets, in the following days.
This release underscores Samsung's determination to provide a secure and reliable ecosystem. For those interested in the full details of the January 2025 security changes, the company has published the full documentation on its official website. So, if you own a Galaxy device, it's worth checking the updates section periodically, to enjoy the latest protection against cyber threats.
critical
- CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747,
- CVE-2024-49748
High severity
- CVE-2024-43077, CVE-2024-43701, CVE-2024-33056, CVE-2024-33044,
- CVE-2024-43052, CVE-2022-42545, CVE-2024-49732, CVE-2024-49735,
- CVE-2024-49737, CVE-2024-49738, CVE-2024-49744, CVE-2024-49745,
- CVE-2023-40108, CVE-2024-49733, CVE-2023-40132, CVE-2024-49749,
- CVE-2024-34722, CVE-2024-34730, CVE-2024-43095, CVE-2024-43765,
- CVE-2024-49742, CVE-2024-49734, CVE-2024-43763, CVE-2024-49736
Included in previous updates.
- CVE-2024-20125
One UI Patch
- SVE-2024-0274(CVE-2025-20881): Out-of-bounds write in libsthmbc.so
- SVE-2024-0308(CVE-2025-20882): Out-of-bounds write in libsthmbc.so
- SVE-2024-1217(CVE-2025-20883): Improper access control in SoundPicker
- SVE-2024-1527(CVE-2025-20884): Improper access control in Samsung Message
- SVE-2024-1828(CVE-2025-20885): Out-of-bounds write in softsim TA
- SVE-2024-1834(CVE-2025-20886): Inclusion of sensitive information in test code in softsim TA
- SVE-2024-1875(CVE-2025-20893): Improper access control in NotificationManager
- SVE-2024-2153(CVE-2025-20887): Out-of-bounds read in libsthmbc.so
- SVE-2024-2154(CVE-2025-20888): Out-of-bounds write in libsthmbc.so
- SVE-2024-2156(CVE-2025-20889): Out-of-bounds read in libsthmbc.so
- SVE-2024-2157(CVE-2025-20890): Out-of-bounds write in libsthmbc.so
- SVE-2024-2158(CVE-2025-20891): Out-of-bounds read in libsthmbc.so
- SVE-2024-2171(CVE-2025-20892): Protection Mechanism Failure in bootloader