Описание
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver().
| Релиз | Статус | Примечание |
|---|---|---|
| devel | needs-triage | |
| esm-apps/bionic | released | 1.21-1ubuntu1+esm1 |
| esm-apps/focal | released | 1.31-2ubuntu1+esm1 |
| esm-apps/jammy | released | 1.31-3ubuntu1.1 |
| esm-apps/noble | released | 1.31-3ubuntu3.24.04.1 |
| esm-apps/xenial | released | 1.17.bzr6912+16.04.20160314.3-0ubuntu1+esm1 |
| focal | ignored | end of standard support, was needed |
| jammy | released | 1.31-3ubuntu1.1 |
| mantic | ignored | end of life, was needs-triage |
| noble | released | 1.31-3ubuntu3.24.04.1 |
Показывать по
EPSS
8.1 High
CVSS3
Связанные уязвимости
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver().
A flaw was found in ofono, an Open Source Telephony on Linux. A stack ...
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver().
Уязвимость функции decode_deliver() интерфейса для работы с мобильной связью oFono, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
8.1 High
CVSS3