all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Shannon Baseband fmtp SDP Attribute Memory Corruption

Add to bookmarks
May 4, 2023, 2:46 p.m. |

Packet Storm packetstormsecurity.com

Shannon Baseband suffers from a memory corruption vulnerability that occurs when the baseband modem processes SDP when setting up a call. When an fmtp attribute is parsed, the integer that represents the payload type is copied into an 8-byte buffer using memcpy with the length of payload type as the length parameter. There are no checks that the payload type is less than 8-bytes long or actually an integer.

baseband buffer call corruption integer length memory memory corruption modem parameter payload processes sdp vulnerability

Visit resource

More from packetstormsecurity.com / Packet Storm

Packet Storm New Exploits For April, 2024 20 hours ago | packetstormsecurity.com
april archive exploits packet +2
Ubuntu Security Notice USN-6760-1 20 hours ago | packetstormsecurity.com
attacker data denial of service file +11
Kernel Live Patch Security Notice LSN-0103-1 20 hours ago | packetstormsecurity.com
attacker con data expose +20
Microsoft PlayReady Cryptography Weakness 20 hours ago | packetstormsecurity.com
attack beyond cryptography extraction +15
Online Tours And Travels Management System 1.0 SQL Injection 21 hours ago | packetstormsecurity.com
injection management management system sql +6
Qantas App Glitch Sees Boarding Passes Fly To Other Accounts 21 hours ago | packetstormsecurity.com
accounts app data loss flaw +4
Adobe Adds Content Credentials And Firefly To Bug Bounty Program 21 hours ago | packetstormsecurity.com
adobe bounty bug bug bounty +5
Google Boosts Bug Bounty Payouts Tenfold In Mobile App Security Push 21 hours ago | packetstormsecurity.com
app bounty bug bug bounty +6
London Drugs Pharmacy Closes All Stores To Respond To Cyber Incident 21 hours ago | packetstormsecurity.com
britain cyber cyber incident data loss +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC

@ SAP | Dublin 24, IE, D24WA02
View on infosec-jobs.com

Product Security Response Engineer

@ Intel | CRI - Belen, Heredia
View on infosec-jobs.com

Application Security Architect

@ Uni Systems | Brussels, Brussels, Belgium
View on infosec-jobs.com

Sr Product Security Engineer

@ ServiceNow | Hyderabad, India
View on infosec-jobs.com

Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)

@ FiscalNote | United Kingdom (UK)
View on infosec-jobs.com
View more jobs