16 matches found
CVE-2023-2794
ofono on Linux is affected by a stack-based buffer overflow in decode_deliver() during SMS decoding, due to a missing bound check that exists in decode_submit(). This can enable remote code execution when an attacker sends crafted SMS or via a compromised modem/malicious base station. Connected a...
CVE-2023-4235
CVE-2023-4235 — ofono SMS decoding stack overflow Affected software: ofono (Open Source Telephony stack on Linux). Vulnerability: A stack-based buffer overflow occurs in the decode_deliver_report() path used for SMS decoding. The issue stems from a missing bound check for the memcpy length in dec...
CVE-2023-4234
CVE-2023-4234 affects ofono (Open Source Telephony on Linux). The vulnerability is a stack-based buffer overflow triggered in decode_submit_report() during SMS decoding, with a bound check missing for the memcpy length in that function. Attack surface is plausible from a compromised modem, malici...
CVE-2023-4233
CVE-2023-4233 describes a stack-based buffer overflow in ofono’s sms_decode_address_field() during SMS PDU decoding, enabling potential remote code execution. The vulnerability is tied to ofono on Linux and is considered exploitable from remote sources such as compromised modems or SMS channels. ...
CVE-2023-4232
CVE-2023-4232 affects ofono on Linux. A stack overflow in the decode_status_report() path during SMS decoding (missing bound check for memcpy length) can be triggered remotely via SMS, modem, or base station access. Impact is high (C, I, A all high) with network access and no user interaction req...
CVE-2024-7540
CVE-2024-7540 concerns oFono’s AT CMGL command handling. The issue stems from uninitialized memory during parsing of AT+CMGL responses, which can allow a local attacker who already has code execution on the target modem to disclose sensitive information and potentially escalate to root. Affected ...
CVE-2024-7547
CVE-2024-7547 corresponds to an oFono vulnerability: a stack-based buffer overflow in the SMS PDU parser that allows a local attacker who can run code on the target modem to execute arbitrary code in the context of the service account. Root cause: insufficient validation of user-supplied data len...
CVE-2024-7543
CVE-2024-7543 affects oFono with a heap-based buffer overflow in SimToolKit processing of STK command PDUs. The root cause is improper validation of user-supplied data length before copying to a heap buffer, allowing a local attacker to execute code in the service account context. Documents also ...
CVE-2024-7542
CVE-2024-7542 concerns oFono and the AT+CMGR handling logic. The flaw is described as an uninitialized memory access during parsing of AT CMGR command responses, enabling a local attacker who can execute code on the target modem to disclose sensitive information and potentially execute arbitrary ...
CVE-2024-7538
CVE-2024-7538 affects oFono and is caused by a stack-based buffer overflow in the CUSD AT command response parsing due to improper validation of user-supplied data length. This allows a local attacker who can run code on the target modem to execute arbitrary code with root privileges. The issue i...
CVE-2024-7545
CVE-2024-7545 affects oFono via a heap-based buffer overflow in STK command PDU parsing. The flaw arises from insufficient validation of user-supplied data length, enabling a local attacker to execute code with the service account context after gaining code execution on the target modem. Evidence...
CVE-2024-7539
The CVE-2024-7539 entry describes a local, stack-based buffer overflow in oFono’s handling of AT+CUSD responses, allowing code execution with root privileges on affected modems. The root cause is missing validation of the length of user-supplied data copied into a stack buffer. Exploitation requi...
CVE-2024-7544
CVE-2024-7544 describes a heap-based buffer overflow in oFono’s parsing of STK command PDUs, enabling local privilege escalation. The flaw arises from insufficient validation of the length of user-supplied data prior to copying to a heap buffer, allowing code execution in the service account cont...
CVE-2024-7546
CVE-2024-7546 affects oFono’s STK PDUs handling: a heap-based buffer overflow in SimToolKit processing can enable local code execution. The vulnerability requires the attacker to already execute code on the target modem, executing in the service account context. Root cause is improper validation ...
CVE-2024-7537
CVE-2024-7537 describes an oFono vulnerability in QMI SMS handling that allows local read past the end of a buffer during processing of SMS message lists. The flaw arises from insufficient validation of user-supplied data, enabling information disclosure and, in conjunction with other issues, pot...
CVE-2024-7541
CVE-2024-7541 concerns oFono, specifically the AT+CMT Command parsing flaw. The vulnerability arises from uninitialized memory access during response parsing, enabling local attackers with code execution context as root when combined with other weaknesses. Affected component is oFono’s modem AT+C...