rpm package
opensuse/ofono&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/ofono&distro=openSUSE%20Tumbleweed
Vulnerabilities (11)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-7546 | Hig | 7.8 | < 2.19-3.1 | 2.19-3.1 | Aug 6, 2024 | oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploi | |
| CVE-2024-7544 | Hig | 7.8 | < 2.19-3.1 | 2.19-3.1 | Aug 6, 2024 | oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploi | |
| CVE-2024-7543 | Hig | 7.8 | < 2.19-3.1 | 2.19-3.1 | Aug 6, 2024 | oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploi | |
| CVE-2024-7541 | Low | 3.3 | < 2.19-3.1 | 2.19-3.1 | Aug 6, 2024 | oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order | |
| CVE-2024-7540 | Low | 3.3 | < 2.19-3.1 | 2.19-3.1 | Aug 6, 2024 | oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in orde | |
| CVE-2024-7539 | Hig | 7.8 | < 2.19-3.1 | 2.19-3.1 | Aug 6, 2024 | oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vuln | |
| CVE-2024-7538 | Hig | 7.8 | < 2.19-3.1 | 2.19-3.1 | Aug 6, 2024 | oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploi | |
| CVE-2024-7537 | Med | 5.5 | < 2.19-3.1 | 2.19-3.1 | Aug 6, 2024 | oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. Authentication is not required to exploit this vulnerability. The specific flaw exists | |
| CVE-2023-4234 | Hig | 8.1 | < 2.19-3.1 | 2.19-3.1 | Apr 17, 2024 | A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS | |
| CVE-2023-4232 | Hig | 8.1 | < 2.19-3.1 | 2.19-3.1 | Apr 17, 2024 | A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS | |
| CVE-2023-2794 | Hig | 8.1 | < 2.19-3.1 | 2.19-3.1 | Apr 10, 2024 | A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. Ther |
- affected < 2.19-3.1fixed 2.19-3.1
oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploi
- affected < 2.19-3.1fixed 2.19-3.1
oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploi
- affected < 2.19-3.1fixed 2.19-3.1
oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploi
- affected < 2.19-3.1fixed 2.19-3.1
oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order
- affected < 2.19-3.1fixed 2.19-3.1
oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in orde
- affected < 2.19-3.1fixed 2.19-3.1
oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vuln
- affected < 2.19-3.1fixed 2.19-3.1
oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploi
- affected < 2.19-3.1fixed 2.19-3.1
oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. Authentication is not required to exploit this vulnerability. The specific flaw exists
- affected < 2.19-3.1fixed 2.19-3.1
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS
- affected < 2.19-3.1fixed 2.19-3.1
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS
- affected < 2.19-3.1fixed 2.19-3.1
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. Ther