PT-2023-20469 · Samsung · Exynos

Published: 2023-03-13 · Updated: 2025-03-03 · CVE-2023-26073

CVSS v3.1: 7.6 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions

Samsung Mobile Chipset and Baseband Modem Chipset for Exynos versions 850 through 2200
Samsung Mobile Chipset and Baseband Modem Chipset for Exynos Modem versions 5123 through 5300
Samsung Mobile Chipset and Baseband Modem Chipset for Exynos Auto version T5123
Samsung Mobile Chipset and Baseband Modem Chipset for Exynos W920 version

Description

A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the extended emergency number list.

Recommendations

For Samsung Mobile Chipset and Baseband Modem Chipset for Exynos versions 850 through 2200, update to a version that includes a fix for the heap-based buffer overflow issue.
For Samsung Mobile Chipset and Baseband Modem Chipset for Exynos Modem versions 5123 through 5300, update to a version that includes a fix for the heap-based buffer overflow issue.
For Samsung Mobile Chipset and Baseband Modem Chipset for Exynos Auto version T5123, update to a version that includes a fix for the heap-based buffer overflow issue.
For Samsung Mobile Chipset and Baseband Modem Chipset for Exynos W920 version, update to a version that includes a fix for the heap-based buffer overflow issue.

As a temporary workaround, consider disabling the 5G MM message codec until a patch is available.

Exploit

Fix

Memory Corruption

Weakness Enumeration

Related Identifiers

CVE-2023-26073

Affected Products

Exynos