Not a user yet?
Log in Register for free Suggest a product
Update

USN-8178-1: oFono vulnerabilities

Ubuntu ServerUbuntu Server
Canonical

USN-8178-1: oFono vulnerabilities

Publication date: 16 April 2026
Overview: oFono could be made to crash if it received specially crafted input.

Packages
ofono - A free software project for mobile telephony applications
Details
It was discovered that oFono incorrectly handled crafted responses
from AT commands. An attacker could possibly use this issue to crash
the program, resulting in a denial of service or arbitrary code
execution. (CVE-2024-7538, CVE-2024-7539, CVE-2024-7540, CVE-2024-7541,
CVE-2024-7542)

Lucas Leong discovered that oFono incorrectly handled crafted input.
An attacker could possibly use this issue to crash the program,
resulting in a denial of service or arbitrary code execution.
(CVE-2024-7543, CVE-2024-7544, CVE-2024-7545, CVE-2024-7546,
CVE-2024-7547)

Update instructions
In general, a standard system update will make all the necessary changes.
The problem can be corrected by updating your system to the following package versions:

  • 24.04 LTS noble ofono – 1.31-3ubuntu3.24.04.2+esm1
  • 22.04 LTS jammy ofono – 1.31-3ubuntu1.2+esm1
  • 20.04 LTS focal ofono – 1.31-2ubuntu1+esm3
  • 18.04 LTS bionic ofono – 1.21-1ubuntu1+esm3
  • 16.04 LTS xenial ofono – 1.17.bzr6912+16.04.20160314.3-0ubuntu1+esm3
More updatesTo the product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Receive Important Update Messages Stay tuned for upcoming Canonical updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad