Infinite Loop Vulnerability in Samsung Exynos and Wearable Processors
CVE-2023-36481

7.5HIGH

Key Information:

Vendor: Samsung
Status: Exynos 9810 Firmware
Vendor: CVE Published:; 28 August 2023

What is CVE-2023-36481?

A vulnerability has been identified in specific Samsung Exynos Mobile and Wearable Processors wherein an inconsistency in handling the PPP length parameter can lead to an infinite loop scenario. This flaw could potentially disrupt the functionality of devices relying on the affected processors, impacting user experience and device reliability. It's crucial for users and developers to stay informed about security updates and patches released by Samsung to mitigate this vulnerability.

References

https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 28, 2023
Vulnerability Reserved
Jun 22, 2023