PT-2023-25936 · Samsung · Exynos 9610+15
Published
2023-09-08
·
Updated
2023-09-13
·
CVE-2023-37368
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Samsung Exynos Mobile Processor, Automotive Processor, and Modem versions Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123
Description
An issue was discovered in the Shannon MM Task where missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Exynos 1080
Exynos 1280
Exynos 1330
Exynos 1380
Exynos 2100
Exynos 2200
Exynos 850
Exynos 9110
Exynos 9610
Exynos 980
Exynos 9810
Exynos 9820
Exynos Auto T5123
Exynos Modem 5123
Exynos Modem 5300
Exynos W920