Updated ofono packages fix security vulnerabilities
Publication date: 13 Feb 2025Modification date: 13 Feb 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-2794 , CVE-2023-4232 , CVE-2023-4233 , CVE-2023-4234 , CVE-2023-4235
Description
Sms decoder stack-based buffer overflow remote code execution
vulnerability within the decode_deliver() function. (CVE-2023-2794)
Sms decoder stack-based buffer overflow remote code execution
vulnerability within the decode_status_report() function.
(CVE-2023-4232)
Sms decoder stack-based buffer overflow remote code execution
vulnerability within the sms_decode_address_field(). (CVE-2023-4233)
Sms decoder stack-based buffer overflow remote code execution
vulnerability within the decode_submit_report() function.
(CVE-2023-4234)
Sms decoder stack-based buffer overflow remote code execution
vulnerability within the decode_deliver_report() function.
(CVE-2023-4235)
References
- https://bugs.mageia.org/show_bug.cgi?id=33841
- https://ubuntu.com/security/notices/USN-7141-1
- https://ubuntu.com/security/notices/USN-7151-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2794
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4232
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4233
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4234
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4235
SRPMS
9/core
- ofono-2.1-1.1.mga9