An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The baseband component has a buffer overflow via an abnormal SETUP message, leading to execution of arbitrary code. The Samsung ID is SVE-2020-18098 (September 2020).
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25279
Reference (s):
- https://security.samsungmobile.com/securityUpdate.smsb