Vulnerability Description
An issue was discovered in Samsung Exynos Mobile Processor and Baseband Modem Processor for Exynos 1280, Exynos 2200, and Exynos Modem 5300. An integer overflow in IPv4 fragment handling can occur due to insufficient parameter validation when reassembling these fragments.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Samsung | Exynos 1280 Firmware | - |
| Samsung | Exynos 1280 | - |
| Samsung | Exynos 2200 Firmware | - |
| Samsung | Exynos 2200 | - |
| Samsung | Exynos Modem 5300 Firmware | - |
| Samsung | Exynos Modem 5300 | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/172177/Shannon-Baseband-Integer-Overflow.ht
- https://semiconductor.samsung.com/processor/mobile-processor/Product
- https://semiconductor.samsung.com/processor/modem/Product
- https://semiconductor.samsung.com/support/quality-support/product-security-updatVendor Advisory
- http://packetstormsecurity.com/files/172177/Shannon-Baseband-Integer-Overflow.ht
- https://semiconductor.samsung.com/processor/mobile-processor/Product
- https://semiconductor.samsung.com/processor/modem/Product
- https://semiconductor.samsung.com/support/quality-support/product-security-updatVendor Advisory
FAQ
What is CVE-2023-28613?
CVE-2023-28613 is a vulnerability with a CVSS score of 6.8 (MEDIUM). An issue was discovered in Samsung Exynos Mobile Processor and Baseband Modem Processor for Exynos 1280, Exynos 2200, and Exynos Modem 5300. An integer overflow in IPv4 fragment handling can occur due...
How severe is CVE-2023-28613?
CVE-2023-28613 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-28613?
Check the references section above for vendor advisories and patch information. Affected products include: Samsung Exynos 1280 Firmware, Samsung Exynos 1280, Samsung Exynos 2200 Firmware, Samsung Exynos 2200, Samsung Exynos Modem 5300 Firmware.