Multiple vulnerabilities in oFono
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 11 |
| CVE-ID | CVE-2024-7546 CVE-2024-7537 CVE-2024-7538 CVE-2024-7539 CVE-2024-7540 CVE-2024-7541 CVE-2024-7542 CVE-2024-7543 CVE-2024-7544 CVE-2024-7545 CVE-2024-7547 |
| CWE-ID | CWE-122 CWE-125 CWE-121 CWE-200 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
oFono Universal components / Libraries / Libraries used by multiple products |
| Vendor | git.kernel.org |
Security Bulletin
This security bulletin contains information about 11 vulnerabilities.
1) Heap-based buffer overflow
EUVDB-ID: #VU95392
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-7546
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in SimToolKit within the parsing of STK command PDUs. A local user can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsoFono: 0.1 - 2.9
CPE2.3- cpe:2.3:a:git.kernel.org:ofono:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.7:*:*:*:*:*:*:*
http://www.zerodayinitiative.com/advisories/ZDI-24-1086/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU95405
Risk: Low
CVSSv3.1: 3.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-7537
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in QMI within the processing of SMS message lists. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsoFono: 0.1 - 2.9
CPE2.3- cpe:2.3:a:git.kernel.org:ofono:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.7:*:*:*:*:*:*:*
http://www.zerodayinitiative.com/advisories/ZDI-24-1077/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Stack-based buffer overflow
EUVDB-ID: #VU95404
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-7538
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in CUSD within the parsing of responses from AT Commands. A local user can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsoFono: 0.1 - 2.9
CPE2.3- cpe:2.3:a:git.kernel.org:ofono:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.7:*:*:*:*:*:*:*
http://www.zerodayinitiative.com/advisories/ZDI-24-1078/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Stack-based buffer overflow
EUVDB-ID: #VU95403
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-7539
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary within the parsing of responses from AT+CUSD commands. A local user can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsoFono: 0.1 - 2.9
CPE2.3- cpe:2.3:a:git.kernel.org:ofono:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.7:*:*:*:*:*:*:*
http://www.zerodayinitiative.com/advisories/ZDI-24-1079/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Information disclosure
EUVDB-ID: #VU95400
Risk: Low
CVSSv3.1: 3.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-7540
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to the lack of proper initialization of memory prior to accessing it within the parsing of responses from AT+CMGL commands. A local user can gain unauthorized access to sensitive information on the system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsoFono: 0.1 - 2.9
CPE2.3- cpe:2.3:a:git.kernel.org:ofono:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.7:*:*:*:*:*:*:*
http://www.zerodayinitiative.com/advisories/ZDI-24-1080/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Information disclosure
EUVDB-ID: #VU95398
Risk: Low
CVSSv3.1: 3.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-7541
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to the lack of proper initialization of memory prior to accessing it within the parsing of responses from AT+CMT commands. A local user can gain unauthorized access to sensitive information on the system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsoFono: 0.1 - 2.9
CPE2.3- cpe:2.3:a:git.kernel.org:ofono:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.7:*:*:*:*:*:*:*
http://www.zerodayinitiative.com/advisories/ZDI-24-1081/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Information disclosure
EUVDB-ID: #VU95397
Risk: Low
CVSSv3.1: 3.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-7542
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to the lack of proper initialization of memory prior to accessing it within the parsing of responses from AT+CMGR commands. A local user can gain unauthorized access to sensitive information on the system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsoFono: 0.1 - 2.9
CPE2.3- cpe:2.3:a:git.kernel.org:ofono:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.7:*:*:*:*:*:*:*
http://www.zerodayinitiative.com/advisories/ZDI-24-1082/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Heap-based buffer overflow
EUVDB-ID: #VU95396
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-7543
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in SimToolKit within the parsing of STK command PDUs. A local user can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsoFono: 0.1 - 2.9
CPE2.3- cpe:2.3:a:git.kernel.org:ofono:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.7:*:*:*:*:*:*:*
http://www.zerodayinitiative.com/advisories/ZDI-24-1083/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Heap-based buffer overflow
EUVDB-ID: #VU95395
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-7544
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in SimToolKit within the parsing of STK command PDUs. A local user can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsoFono: 0.1 - 2.9
CPE2.3- cpe:2.3:a:git.kernel.org:ofono:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.7:*:*:*:*:*:*:*
http://www.zerodayinitiative.com/advisories/ZDI-24-1084/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Heap-based buffer overflow
EUVDB-ID: #VU95394
Risk: Low
CVSSv3.1: 7.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-7545
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in SimToolKit within the parsing of STK command PDUs. A local user can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsoFono: 0.1 - 2.9
CPE2.3- cpe:2.3:a:git.kernel.org:ofono:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.7:*:*:*:*:*:*:*
http://www.zerodayinitiative.com/advisories/ZDI-24-1085/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Stack-based buffer overflow
EUVDB-ID: #VU95393
Risk: Low
CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2024-7547
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in SMS Decoder within the parsing of SMS PDUs. A local user can trigger stack-based buffer overflow and execute arbitrary code on the target system with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsoFono: 0.1 - 2.9
CPE2.3- cpe:2.3:a:git.kernel.org:ofono:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:git.kernel.org:ofono:2.7:*:*:*:*:*:*:*
http://www.zerodayinitiative.com/advisories/ZDI-24-1087/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
