Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 40: Security Advisory FEDORA-2024-112fde4e1b Buffer Overflow Fixes

fedora
Calendar Grey January 6, 2025
Dist Fedora Esm H88
Fedora 40 ofono enhancement addresses security flaws through patches for buffer overflow vulnerabilities and privilege escalation risks.
Update to v2.14

Summary

oFono.org is a place to bring developers together around designing an

infrastructure for building mobile telephony (GSM/UMTS) applications.

oFono includes a high-level D-Bus API for use by telephony applications.

oFono also includes a low-level plug-in API for integrating with telephony

stacks, cellular modems and storage back-ends.

Update Information:

Update to v2.14

Topics%20covered

Topics Covered

security advisory update buffer overflow Fedora telephony application

Change Log

* Sat Dec 28 2024 Artur Frenszek-Iwicki - 2.14-1 - Update to v2.14

References


[ 1 ] Bug #2303457 - CVE-2024-7547 ofono: oFono: Stack-based Buffer Overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2303457 [ 2 ] Bug #2303595 - CVE-2024-7546 ofono: ofono: Buffer Overflow Privilege Escalation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2303595 [ 3 ] Bug #2303597 - CVE-2024-7544 ofono: oFono: Heap-based Buffer Overflow Privilege Escalation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2303597 [ 4 ] Bug #2303598 - CVE-2024-7543 ofono: oFono: Heap-based Buffer Overflow Privilege Escalation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2303598 [ 5 ] Bug #2332134 - ofono-2.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=2332134

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-112fde4e1b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: ofono
Product: Fedora 40
Version: 2.14
Release: 1.fc40
URL: https://www.intel.com/content/www/us/en/developer/topic-technology/open/overview.html
Summary: Open Source Telephony

Topics%20covered

Topics Covered

security advisory update buffer overflow Fedora telephony application

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here