CVE-2024-52923

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400 Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 9110, W920, W930, W1000 Samsung Modem versions 5123, 5300, 5400

Description The issue is related to a lack of boundary check during the decoding of DL NAS Transport messages, which leads to a Denial of Service.

Recommendations For Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, consider implementing boundary checks for DL NAS Transport messages to prevent Denial of Service. For Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 9110, W920, W930, W1000, consider implementing boundary checks for DL NAS Transport messages to prevent Denial of Service. For Samsung Modem versions 5123, 5300, 5400, consider implementing boundary checks for DL NAS Transport messages to prevent Denial of Service. At the moment, there is no information about a newer version that contains a fix for this issue.