An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123.. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding operator-defined access category definitions.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors Products
Samsung
  • Exynos Auto T5123 Firmware
  • Exynos Auto T5123
  • Exynos Modem 5123 Firmware
  • Exynos Modem 5300
  • Exynos 1080 Firmware
  • Exynos 1280 Firmware
  • Exynos 2200
  • Exynos 850
  • Exynos 980 Firmware
  • Exynos Modem 5123
  • Exynos W920
  • Exynos 980
  • Exynos 1080
  • Exynos 850 Firmware
  • Exynos 1280
  • Exynos 2200 Firmware
  • Exynos Modem 5300 Firmware
  • Exynos W920 Firmware

Configuration 1 [-]

AND
cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:samsung:exynos_modem_5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5123:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:samsung:exynos_modem_5300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_modem_5300:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:samsung:exynos_auto_t5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_auto_t5123:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:samsung:exynos_w920_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_w920:-:*:*:*:*:*:*:*
References
Link Resource
http://packetstormsecurity.com/files/171383/Shannon-Baseband-NrmmMsgCodec-Access-Category-Definitions-Heap-Buffer-Overflow.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=2397
https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html
https://semiconductor.samsung.com/processor/mobile-processor/ Product
https://semiconductor.samsung.com/processor/modem/ Product
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2023-03-13T00:00:00

Updated: 2023-03-17T00:00:00

Reserved: 2023-02-19T00:00:00

Link: CVE-2023-26074

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2023-03-13T13:15:11.903

Modified: 2023-03-17T16:15:11.780

Link: CVE-2023-26074

JSON object: View

cve-icon Redhat Information

No data.

CWE