Home / mailings [USN-8178-1] oFono vulnerabilities
Posted on 16 April 2026
Ubuntu Security==========================================================================Ubuntu Security Notice USN-8178-1
April 16, 2026
ofono vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
oFono could be made to crash if it received specially crafted input.
Software Description:
- ofono: A free software project for mobile telephony applications
Details:
It was discovered that oFono incorrectly handled crafted responses
from AT commands. An attacker could possibly use this issue to crash
the program, resulting in a denial of service or arbitrary code
execution. (CVE-2024-7538, CVE-2024-7539, CVE-2024-7540, CVE-2024-7541,
CVE-2024-7542)
Lucas Leong discovered that oFono incorrectly handled crafted input.
An attacker could possibly use this issue to crash the program,
resulting in a denial of service or arbitrary code execution.
(CVE-2024-7543, CVE-2024-7544, CVE-2024-7545, CVE-2024-7546,
CVE-2024-7547)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
ofono 1.31-3ubuntu3.24.04.2+esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
ofono 1.31-3ubuntu1.2+esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
ofono 1.31-2ubuntu1+esm3
Available with Ubuntu Pro
Ubuntu 18.04 LTS
ofono 1.21-1ubuntu1+esm3
Available with Ubuntu Pro
Ubuntu 16.04 LTS
ofono 1.17.bzr6912+16.04.20160314.3-0ubuntu1+esm3
Available with Ubuntu Pro
References:
https://ubuntu.com/security/notices/USN-8178-1
CVE-2024-7538, CVE-2024-7539, CVE-2024-7540, CVE-2024-7541,
CVE-2024-7542, CVE-2024-7543, CVE-2024-7544, CVE-2024-7545,
CVE-2024-7546, CVE-2024-7547
--===============5247949285151536298==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
