Description
A flaw was found in ofono, an open source telephony stack on Linux. A stack overflow bug is triggered within the decode_submit_report() function during SMS decoding. The attack scenario is assumed to be reachable from a compromised modem, a malicious base station, or just SMS. A bounds check for this memcpy length exists in decode_submit(), but it was forgotten in decode_submit_report().
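
The class of check the description refers to, as an added C example that is not ofono's code: a simplified decoder that validates a length taken from the PDU against both the remaining input and the fixed-size destination before calling memcpy. The struct layout, `UD_MAX`, and the function names are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define UD_MAX 160 /* assumed capacity of the fixed user-data buffer */

struct report {          /* hypothetical, simplified report structure */
    uint8_t udl;         /* user-data length as declared in the PDU */
    uint8_t ud[UD_MAX];  /* fixed-size destination for the user data */
};

/* Bytes needed for `udl` units: septets for 7-bit data, octets otherwise. */
static size_t ud_bytes(uint8_t udl, bool seven_bit)
{
    return seven_bit ? ((size_t)udl * 7 + 7) / 8 : (size_t)udl;
}

/* Copy user data out of an untrusted PDU; `offset` indexes the UDL octet.
 * Returns false without copying when either bound is violated. */
bool decode_user_data(const uint8_t *pdu, size_t len, size_t offset,
                      bool seven_bit, struct report *out)
{
    if (offset >= len)
        return false;
    out->udl = pdu[offset++];
    size_t expected = ud_bytes(out->udl, seven_bit);

    /* Source bound: the PDU must really contain `expected` bytes. */
    if (len - offset < expected)
        return false;
    /* Destination bound: the length must also fit the fixed buffer. */
    if (expected > sizeof(out->ud))
        return false;

    memcpy(out->ud, pdu + offset, expected);
    return true;
}

/* Constructed input: a UDL octet followed by `udl` filler bytes (8-bit). */
bool try_udl(uint8_t udl)
{
    uint8_t pdu[256] = { udl };
    struct report r;
    return decode_user_data(pdu, (size_t)udl + 1, 0, false, &r);
}
```

A source-side check alone is not enough: a PDU that really does carry 255 bytes passes it and would still overrun a 160-byte buffer, which is why the destination check has to be present in every decoder that shares the copy pattern.
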
| Release | Status | Note |
|---|---|---|
| devel | not-affected | 2.16-1ubuntu1 |
| esm-apps/bionic | released | 1.21-1ubuntu1+esm1 |
| esm-apps/focal | released | 1.31-2ubuntu1+esm1 |
| esm-apps/jammy | released | 1.31-3ubuntu1.1 |
| esm-apps/noble | released | 1.31-3ubuntu3.24.04.1 |
| esm-apps/xenial | released | 1.17.bzr6912+16.04.20160314.3-0ubuntu1+esm1 |
| focal | ignored | end of standard support, was needed |
| jammy | released | 1.31-3ubuntu1.1 |
| mantic | ignored | end of life, was needs-triage |
| noble | released | 1.31-3ubuntu3.24.04.1 |
CVSS3: 8.1 High
Related vulnerabilities
Vulnerability in the decode_submit_report() function of the oFono mobile telephony stack, allowing an attacker to execute arbitrary code