This update for ofono fixes the following issues:
Changes in ofono:
- Reference the tracking bugs for the SMS/STK/USSD decoder security
fixes applied upstream across the 2.14-2.17 updates:
* SMS decoder stack buffer overflows: CVE-2023-2794 (boo#1218292),
CVE-2023-4232 (boo#1218293), CVE-2023-4233 (boo#1218294),
CVE-2023-4234 (boo#1218295), CVE-2023-4235 (boo#1218296)
* SMS PDU / message-list parsing overflows and OOB read:
CVE-2024-7537 (boo#1228903), CVE-2024-7547 (boo#1228917)
* AT-command / USSD response parsing overflows: CVE-2024-7538
(boo#1228904), CVE-2024-7539 (boo#1228905)
* Uninitialized-memory information disclosure: CVE-2024-7540
(boo#1228906), CVE-2024-7541 (boo#1228907), CVE-2024-7542
(boo#1228908)
* STK command PDU heap overflows: CVE-2024-7543 (boo#1228910),
CVE-2024-7544 (boo#1228913), CVE-2024-7545 (boo#1228914),
CVE-2024-7546 (boo#1228916)
- Update to version 2.19
* Add support for PPP reset workaround for SIM7100...
- openSUSE Leap 16.0:
ofono-2.19-bp160.1.1
ofono-devel-2.19-bp160.1.1
ofono-tests-2.19-bp160.1.1
* bsc#1218292
* bsc#1218293
* bsc#1218294
* bsc#1218295
* bsc#1218296
* bsc#1228903
* bsc#1228904
* bsc#1228905
* bsc#1228906
* bsc#1228907
* bsc#1228908
* bsc#1228910
* bsc#1228913
* bsc#1228914
* bsc#1228916
* bsc#1228917
References:
* https://www.suse.com/security/cve/CVE-2023-2794.html
* https://www.suse.com/security/cve/CVE-2023-4232.html
* https://www.suse.com/security/cve/CVE-2023-4233.html
* https://www.suse.com/security/cve/CVE-2023-4234.html
* https://www.suse.com/security/cve/CVE-2023-4235.html
* https://www.suse.com/security/cve/CVE-2024-7537.html
* https://www.suse.com/security/cve/CVE-2024-7538.html
* https://www.suse.com/security/cve/CVE-2024-7539.html
* https://www.suse.com/security/cve/CVE-2024-7540.html
* https://www.suse.com/security/cve/CVE-2024-7541.html
* https://www.suse.com/security/cve/CVE-2024-7542.html
* https://www.suse.com/security/cve/CVE-2024-7543.html
* https://www.suse.com/security/cve/CVE-2024-7544.html
* https://www.suse.com/security/cve/CVE-2024-7545.html
*...