PT-2023-20472 · Samsung · Exynos 2200+4
Published
2023-03-13
·
Updated
2025-03-03
·
CVE-2023-26076
CVSS v3.1
7.6
High
| Vector | AC:L/AV:N/A:H/C:L/I:L/PR:L/S:U/UI:N |
Name of the Vulnerable Software and Affected Versions
Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1280
Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 2200
Samsung Mobile Chipset and Baseband Modem Chipset for Exynos Modem 5123
Samsung Mobile Chipset and Baseband Modem Chipset for Exynos Modem 5300
Samsung Mobile Chipset and Baseband Modem Chipset for Exynos Auto T5123
Description
An issue was discovered in the 5G SM message codec due to insufficient parameter validation when decoding reserved options, which can cause an intra-object overflow.
Recommendations
For Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 1280, consider disabling the 5G SM message codec until a patch is available.
For Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 2200, consider disabling the 5G SM message codec until a patch is available.
For Samsung Mobile Chipset and Baseband Modem Chipset for Exynos Modem 5123, consider disabling the 5G SM message codec until a patch is available.
For Samsung Mobile Chipset and Baseband Modem Chipset for Exynos Modem 5300, consider disabling the 5G SM message codec until a patch is available.
For Samsung Mobile Chipset and Baseband Modem Chipset for Exynos Auto T5123, consider disabling the 5G SM message codec until a patch is available.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Exynos 1280
Exynos 2200
Exynos Auto T5123
Exynos Modem 5123
Exynos Modem 5300