Multiple vulnerabilities in oFono, including improper handling of crafted AT command responses and other crafted input, can lead to denial of service or arbitrary code execution. The CVSS scores for the listed CVEs range from High (7.8) to Low (3.3). The affected version, according to NVD data, is oFono 1.34, though specific fixed version numbers and workarounds are not provided in the available information.
It was discovered that oFono incorrectly handled crafted responses from AT commands. An attacker could possibly use this issue to crash the program, resulting in a denial of service or arbitrary code execution. (CVE-2024-7538, CVE-2024-7539, CVE-2024-7540, CVE-2024-7541, CVE-2024-7542)

Lucas Leong discovered that oFono incorrectly handled crafted input. An attacker could possibly use this issue to crash the program, resulting in a denial of service or arbitrary code execution. (CVE-2024-7543, CVE-2024-7544, CVE-2024-7545, CVE-2024-7546, CVE-2024-7547)