Ofono Project: >> Ofono >> 2.1 Security Vulnerabilities
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver().
CVSS Score
8.1
EPSS Score
0.002
Published
2024-04-10