Ubuntu 24.04 LTS oFono Critical Denial of Service Vuln USN-8178-1
ubuntu
April 16, 2026
oFono could be made to crash if it received specially crafted input.
Summary
oFono could be made to crash if it received specially crafted input.
Software Description:
- ofono: A free software project for mobile telephony applications
Details:
It was discovered that oFono incorrectly handled crafted responses
from AT commands. An attacker could possibly use this issue to crash
the program, resulting in a denial of service or arbitrary code
execution. (CVE-2024-7538, CVE-2024-7539, CVE-2024-7540, CVE-2024-7541,
CVE-2024-7542)
Lucas Leong discovered that oFono incorrectly handled crafted input.
An attacker could possibly use this issue to crash the program,
resulting in a denial of service or arbitrary code execution.
(CVE-2024-7543, CVE-2024-7544, CVE-2024-7545, CVE-2024-7546,
CVE-2024-7547)
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
ofono 1.31-3ubuntu3.24.04.2+esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
ofono 1.31-3ubuntu1.2+esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
ofono 1.31-2ubuntu1+esm3
Available with Ubuntu Pro
Ubuntu 18.04 LTS
ofono 1.21-1ubuntu1+esm3
Available with Ubuntu Pro
Ubuntu 16.04 LTS
ofono 1.17.bzr6912+16.04.20160314.3-0ubuntu1+esm3
Available with Ubuntu ProReferences
https://ubuntu.com/security/notices/USN-8178-1
CVE-2024-7538, CVE-2024-7539, CVE-2024-7540, CVE-2024-7541,
CVE-2024-7542, CVE-2024-7543, CVE-2024-7544, CVE-2024-7545,
CVE-2024-7546, CVE-2024-7547
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-8178-1
Topics Covered
Package Information
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!