git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit

author	Yogita Urade <yogita.urade@windriver.com>
	Tue, 14 Jan 2025 12:51:27 +0000 (12:51 +0000)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Mon, 20 Jan 2025 13:38:56 +0000 (13:38 +0000)
commit	55aea716ca4665cf45579247dd5feec5668dd94f
tree	ffa13074037feaf12af192d592e035b82af28ee4	tree
parent	80151340b0b20610030f3026e9fc71ef5970c2c5	commit \| diff

ofono: fix CVE-2024-7539

oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability.
This vulnerability allows local attackers to execute arbitrary code
on affected installations of oFono. An attacker must first obtain
the ability to execute code on the target modem in order to exploit
this vulnerability.

The specific flaw exists within the parsing of responses from AT+CUSD
commands. The issue results from the lack of proper validation of the
length of user-supplied data prior to copying it to a stack-based buffer.
An attacker can leverage this vulnerability to execute code in the
context of root. Was ZDI-CAN-23195.

Reference:
https://security-tracker.debian.org/tracker/CVE-2024-7539

Upstream patch:
https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=389e2344f86319265fb72ae590b470716e038fdc

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-connectivity/ofono/ofono/CVE-2024-7539.patch	[new file with mode: 0644]	blob
meta/recipes-connectivity/ofono/ofono_2.14.bb		diff \| blob \| blame \| history