CVE-2023-26496

Name of the Vulnerable Software and Affected Versions Samsung Baseband Modem Chipset for Exynos Modem 5123 Samsung Baseband Modem Chipset for Exynos Modem 5300 Samsung Baseband Modem Chipset for Exynos 980 Samsung Baseband Modem Chipset for Exynos 1080 Samsung Baseband Modem Chipset for Exynos Auto T5124

Description An issue in the SDP module can cause memory corruption due to improper checking of the fmtp attribute parameter length.

Recommendations For Samsung Baseband Modem Chipset for Exynos Modem 5123, consider restricting access to the SDP module until a fix is available. For Samsung Baseband Modem Chipset for Exynos Modem 5300, avoid using the fmtp attribute in the SDP module until the issue is resolved. For Samsung Baseband Modem Chipset for Exynos 980, temporarily disable the SDP module to prevent exploitation. For Samsung Baseband Modem Chipset for Exynos 1080, restrict the use of the fmtp attribute in the SDP module. For Samsung Baseband Modem Chipset for Exynos Auto T5124, apply configuration changes to limit the impact of the memory corruption issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.