Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-24033

The Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T512 baseband modem chipsets do not properly check format types specified by the Session Description Protocol (SDP) module, which can lead to a denial of service.

Published

2023-03-13T12:15:11.160

Last Modified

2025-03-03T21:15:13.433

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
NVD-CWE-noinfo
Type: Secondary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	samsung	exynos_modem_5300_firmware	-	Yes
Hardware	samsung	exynos_modem_5300	-	No
Operating System	samsung	exynos_modem_5123_firmware	-	Yes
Hardware	samsung	exynos_modem_5123	-	No
Operating System	samsung	exynos_980_firmware	-	Yes
Hardware	samsung	exynos_980	-	No
Operating System	samsung	exynos_1080_firmware	-	Yes
Hardware	samsung	exynos_1080	-	No
Operating System	samsung	exynos_auto_t5123_firmware	-	Yes
Hardware	samsung	exynos_auto_t5123	-	No

References

http://packetstormsecurity.com/files/172137/Shannon-Baseband-accept-type-SDP-Attribute-Memory-Corruption.html ([email protected])
https://semiconductor.samsung.com/processor/modem/ Product ([email protected])
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory ([email protected])
http://packetstormsecurity.com/files/172137/Shannon-Baseband-accept-type-SDP-Attribute-Memory-Corruption.html (af854a3a-2127-422b-91ae-364da2661108)
https://semiconductor.samsung.com/processor/modem/ Product (af854a3a-2127-422b-91ae-364da2661108)
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)