VDB
CVE-2023-4233
CVE-2023-4233
PUBLISHED
CVSS 8.100000381469727 HIGH
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS.
EPSS 0.17% · 37.9th percentile
Risk Scores
CVSS 3.1
8.100000381469727
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.17%
37.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | ofono | 2.1 |
| ofono_project | ofono | 0 |
| fedoraproject | fedora | 38, 40, 39 |
| Fedora | Fedora | |
| ofono_project | ofono | 2.1 |
Exploit Intelligence
Timeline
- Dec 20, 2023 CVE Published
- Apr 18, 2024 EPSS Score
- May 13, 2024 EPSS Score
- Jun 8, 2024 EPSS Score
- Jul 2, 2024 EPSS Score
- Jul 27, 2024 EPSS Score
- Aug 21, 2024 EPSS Score
- Sep 15, 2024 EPSS Score
- Oct 10, 2024 EPSS Score
- Nov 28, 2024 EPSS Score
- Dec 24, 2024 EPSS Score
- Jan 18, 2025 EPSS Score
References
- RHBZ#2255396 issue
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NBTPKR3LYTTLROPXF77FL4SPLXVHNC4T/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VG6FHQITWUNHBDGPXUQ77SZK5O5BYIBZ/ url
- https://nvd.nist.gov/vuln/detail/CVE-2023-4233 advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NBTPKR3LYTTLROPXF77FL4SPLXVHNC4T url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VG6FHQITWUNHBDGPXUQ77SZK5O5BYIBZ url