Описание
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver_report().
| Релиз | Статус | Примечание |
|---|---|---|
| devel | needs-triage | |
| esm-apps/bionic | released | 1.21-1ubuntu1+esm2 |
| esm-apps/focal | released | 1.31-2ubuntu1+esm2 |
| esm-apps/jammy | released | 1.31-3ubuntu1.2 |
| esm-apps/noble | released | 1.31-3ubuntu3.24.04.2 |
| esm-apps/xenial | released | 1.17.bzr6912+16.04.20160314.3-0ubuntu1+esm2 |
| focal | ignored | end of standard support, was needed |
| jammy | released | 1.31-3ubuntu1.2 |
| mantic | ignored | end of life, was needs-triage |
| noble | released | 1.31-3ubuntu3.24.04.2 |
Показывать по
8.1 High
CVSS3
Связанные уязвимости
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver_report().
A flaw was found in ofono, an Open Source Telephony on Linux. A stack ...
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver_report().
Уязвимость функции decode_deliver_report() стека мобильной телефонии oFono, позволяющая нарушителю выполнить произвольный код
8.1 High
CVSS3