CVE-2024-29152

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 980 through 2400 Exynos Modem versions 5123 through 5300

Description An issue was discovered in the baseband software of the affected processors. The software does not properly check states specified by the RRC (Radio Resource Control) Reconfiguration message. This can lead to disclosure of sensitive information.

Recommendations For Exynos versions 980 through 2400, update the baseband software to properly handle RRC Reconfiguration messages. For Exynos Modem versions 5123 through 5300, update the baseband software to properly handle RRC Reconfiguration messages. As a temporary workaround, consider restricting access to the baseband software until a patch is available.