CVE-2023-28613: Integer Overflow
First published: Tue Apr 04 2023(Updated: )
An issue was discovered in Samsung Exynos Mobile Processor and Baseband Modem Processor for Exynos 1280, Exynos 2200, and Exynos Modem 5300. An integer overflow in IPv4 fragment handling can occur due to insufficient parameter validation when reassembling these fragments.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung Exynos 1280 Firmware | ||
| Samsung Exynos 1280 | ||
| Samsung Exynos 2200 Firmware | ||
| Samsung Exynos 2200 | ||
| Samsung Exynos Modem 5300 Firmware | ||
| Samsung Exynos Modem 5300 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-28613?
The severity of CVE-2023-28613 is critical, with a CVSS base score of 9.8.
Which software is affected by CVE-2023-28613?
The affected software includes Samsung Exynos 1280 Firmware, Samsung Exynos 2200 Firmware, and Samsung Exynos Modem 5300 Firmware.
How does CVE-2023-28613 occur?
CVE-2023-28613 occurs due to an integer overflow in IPv4 fragment handling caused by insufficient parameter validation when reassembling the fragments.
Are Samsung Exynos 1280 and Samsung Exynos 2200 vulnerable to CVE-2023-28613?
No, Samsung Exynos 1280 and Samsung Exynos 2200 are not vulnerable to CVE-2023-28613.
Where can I find more information about CVE-2023-28613?
You can find more information about CVE-2023-28613 at the following references: [http://packetstormsecurity.com/files/172177/Shannon-Baseband-Integer-Overflow.html](http://packetstormsecurity.com/files/172177/Shannon-Baseband-Integer-Overflow.html), [https://semiconductor.samsung.com/processor/mobile-processor/](https://semiconductor.samsung.com/processor/mobile-processor/), [https://semiconductor.samsung.com/processor/modem/](https://semiconductor.samsung.com/processor/modem/).