CVE-2023-41111

HIGH

Samsung Exynos Firmware - Out-of-bounds Write in RLC Module

Title source: llm

Description

An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). Improper handling of a length parameter inconsistency can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.

References (1)

Core 1

Core References

Vendor Advisory

https://semiconductor.samsung.com/support/quality-support/product-security-updates/

Scores

CVSS v3 7.1

EPSS 0.0032

EPSS Percentile 54.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-787

Status published

Products (16)

samsung/exynos_1080_firmware

samsung/exynos_1280_firmware

samsung/exynos_1330_firmware

samsung/exynos_1380_firmware

samsung/exynos_2100_firmware

samsung/exynos_2200_firmware

samsung/exynos_850_firmware

samsung/exynos_9110_firmware

samsung/exynos_9610_firmware

samsung/exynos_980_firmware

... and 6 more

Published Nov 08, 2023

Tracked Since Feb 18, 2026