admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 11:06:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-20702.md

20 lines
1.1 KiB
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2023-20702](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20702)
![](https://img.shields.io/static/v1?label=Product&message=MT6835%2C%20MT6873%2C%20MT6875%2C%20MT6879%2C%20MT6883%2C%20MT6885%2C%20MT6886%2C%20MT6889%2C%20MT6895%2C%20MT6980%2C%20MT6983%2C%20MT6985%2C%20MT6990%2C%20MT8673%2C%20MT8675%2C%20MT8791%2C%20MT8791T%2C%20MT8797%2C%20MT8798&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20Modem%20NR15%2C%20NR16%2C%20NR17%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Denial%20of%20Service&color=brighgreen)
### Description
In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/Shangzewen/U-Fuzz
- https://github.com/asset-group/5ghoul-5g-nr-attacks
- https://github.com/asset-group/U-Fuzz
Reference in New Issue Copy Permalink