git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit

author	Yogita Urade <yogita.urade@windriver.com>
	Tue, 14 Jan 2025 08:03:21 +0000 (08:03 +0000)
committer	Steve Sakoman <steve@sakoman.com>
	Tue, 14 Jan 2025 13:49:41 +0000 (05:49 -0800)
commit	33b2a67b3134498e8c4845efddc7854b4d2315cd
tree	705cac7fdede2ebf6ab907f8aeebd6cd3af3fa55	tree \| snapshot
parent	f062d2e4ad3d0a35a2dadda679632d5d213b8487	commit \| diff

ofono: fix CVE-2024-7546

oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation
Vulnerability. This vulnerability allows local attackers to execute
arbitrary code on affected installations of oFono. An attacker must
first obtain the ability to execute code on the target modem in
order to exploit this vulnerability.

The specific flaw exists within the parsing of STK command PDUs.
The issue results from the lack of proper validation of the length
of user-supplied data prior to copying it to a heap-based buffer.
An attacker can leverage this vulnerability to execute code in the
context of the service account. Was ZDI-CAN-23459.

Reference:
https://security-tracker.debian.org/tracker/CVE-2024-7546

Upstream patch:
https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=79ea6677669e50b0bb9c231765adb4f81c375f63

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

meta/recipes-connectivity/ofono/ofono/CVE-2024-7546.patch	[new file with mode: 0644]	blob
meta/recipes-connectivity/ofono/ofono_1.34.bb		diff \| blob \| blame \| history