Samsung January 2024 Security Patch Details: Fixes Critical bug

Samsung has announced a new maintenance release for its Galaxy devices as part of its monthly security update. The company has published the details of the January 2024 security update, which includes patches from both Google and Samsung to fix various vulnerabilities and bugs that affect the Android system and Samsung devices.

The January 2024 security patch fixes 1 critical, 68 high, and 6 moderate levels of CVEs for the Android operating system. However, 1 CVE was resolved by previous updates from the company and 4 is not relevant to Galaxy devices.

The latest patch also includes 5 Samsung-specific patches, which improve the security and performance of the camera, the secure folder, the biometrics, the Wi-Fi, and the Bluetooth.

Android Patch Details

Critical
CVE-2022-40507

High
CVE-2023-4272, CVE-2023-32804, CVE-2023-3889, CVE-2023-21215, CVE-2023-21227, CVE-2023-21228, CVE-2023-21216, CVE-2023-21218, CVE-2023-21166, CVE-2023-21164, CVE-2023-21163, CVE-2023-21162, CVE-2023-21217, CVE-2023-21401, CVE-2023-21402, CVE-2023-21263, CVE-2023-35690, CVE-2023-21403, CVE-2023-32847, CVE-2023-32848, CVE-2023-32851, CVE-2022-22076, CVE-2023-21652, CVE-2023-21664, CVE-2023-21662, CVE-2023-33017, CVE-2023-28546, CVE-2023-28585, CVE-2023-28586, CVE-2023-33022, CVE-2023-33054, CVE-2023-28550, CVE-2023-28551, CVE-2023-33018, CVE-2023-33081, CVE-2023-33089, CVE-2023-33098, CVE-2023-33088, CVE-2023-33080, CVE-2023-33097, CVE-2023-33079, CVE-2023-33092, CVE-2023-33107, CVE-2023-33106, CVE-2023-33063, CVE-2023-33053, CVE-2023-33087, CVE-2023-45779, CVE-2022-48457, CVE-2022-48458, CVE-2022-48459, CVE-2022-48454, CVE-2022-48455, CVE-2022-48461, CVE-2022-48456, CVE-2023-32818, CVE-2023-21245, CVE-2024-0015, CVE-2024-0018, CVE-2024-0023, CVE-2024-0019, CVE-2024-0021, CVE-2023-35671, CVE-2024-0016, CVE-2024-0017, CVE-2024-0020, CVE-2023-21266, CVE-2023-40120

Moderate
CVE-2023-32842, CVE-2023-32844, CVE-2023-32846, CVE-2023-32841, CVE-2023-32843, CVE-2023-32845

Already included in previous updates
CVE-2023-4863

Not applicable to Samsung devices
CVE-2023-32850, CVE-2023-28587, CVE-2023-28588, CVE-2023-40085

One UI Patch Details

• SVE-2023-1689(CVE-2024-20806): Improper access control in Notification service
• SVE-2023-1667(CVE-2024-20802): Improper access control in Samsung DeX
• SVE-2023-1418(CVE-2024-20805): Path traversal vulnerability in MyFiles
• SVE-2023-1406(CVE-2024-20804): Path traversal vulnerability in MyFiles
• SVE-2023-1038(CVE-2024-20803): Improper authentication vulnerability in Bluetooth pairing process