CVE-2023-29086

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-29086
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Min-SE header.

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
http://packetstormsecurity.com/files/172293/Shannon-Baseband-SIP-Min-SE-Header-Stack-Buffer-Overflow.html
http://packetstormsecurity.com/files/172293/Shannon-Baseband-SIP-Min-SE-Header-Stack-Buffer-Overflow.html
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:samsung:exynos_5300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_5300:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:samsung:exynos_5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_5123:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:samsung:exynos_9110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9110:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:samsung:exynos_auto_t5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_auto_t5123:-:*:*:*:*:*:*:*
History

07 Feb 2025, 21:15

Type Values Removed Values Added
References (MISC) https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - Vendor Advisory () https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - Vendor Advisory
References (MISC) http://packetstormsecurity.com/files/172293/Shannon-Baseband-SIP-Min-SE-Header-Stack-Buffer-Overflow.html - () http://packetstormsecurity.com/files/172293/Shannon-Baseband-SIP-Min-SE-Header-Stack-Buffer-Overflow.html -

11 May 2023, 18:15

Type Values Removed Values Added
References
  • (MISC) http://packetstormsecurity.com/files/172293/Shannon-Baseband-SIP-Min-SE-Header-Stack-Buffer-Overflow.html -

24 Apr 2023, 16:52

Type Values Removed Values Added
References (MISC) https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - (MISC) https://semiconductor.samsung.com/support/quality-support/product-security-updates/ - Vendor Advisory
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5
CWE CWE-787
CPE cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_auto_t5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_9110_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_5300:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9110:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_5123:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_5123_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_auto_t5123:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_5300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
First Time Samsung exynos 5300 Firmware
Samsung exynos 1080 Firmware
Samsung
Samsung exynos 980 Firmware
Samsung exynos Auto T5123
Samsung exynos 5123 Firmware
Samsung exynos Auto T5123 Firmware
Samsung exynos 980
Samsung exynos 9110 Firmware
Samsung exynos 1080
Samsung exynos 9110
Samsung exynos 5300
Samsung exynos 5123

24 Apr 2023, 15:15

Type Values Removed Values Added
Summary An issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Min-SE header. An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Min-SE header.

14 Apr 2023, 21:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-04-14 21:15

Updated : 2025-02-07 21:15

NVD link : CVE-2023-29086

Mitre link : CVE-2023-29086

JSON object : View

Products Affected

samsung

  • exynos_auto_t5123
  • exynos_5123_firmware
  • exynos_980
  • exynos_5123
  • exynos_5300_firmware
  • exynos_980_firmware
  • exynos_9110
  • exynos_1080
  • exynos_1080_firmware
  • exynos_auto_t5123_firmware
  • exynos_9110_firmware
  • exynos_5300
CWE
CWE-787

Out-of-bounds Write