Stack-based buffer overflow in oFono - CVE-2024-7538
Published: August 6, 2024
oFono
Detailed vulnerability description
The vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in CUSD within the parsing of responses from AT Commands. A local user can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.