SecuritySpace - CVE-2023-4232

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2023-4232

Description: A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_status_report().

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2023-4232
RHBZ#2255394
https://bugzilla.redhat.com/show_bug.cgi?id=2255394

CVE ID:	CVE-2023-4232
Description:	A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_status_report().
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2023-4232 RHBZ#2255394 https://bugzilla.redhat.com/show_bug.cgi?id=2255394