Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

oFono — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting oFono. AI-powered Chinese analysis, POCs, and references for each vulnerability.

oFono serves as the telephony stack for Linux-based mobile devices, handling cellular communications and modem interactions. Historically, it has been susceptible to remote code execution, memory corruption, and privilege escalation vulnerabilities due to improper input validation and boundary checks in its modem communication protocols. The project's 11 recorded CVEs highlight risks in handling malformed network data and insufficient privilege separation between user and system components. While no major public security incidents have been widely documented, the consistent discovery of memory flaws underscores the challenges in securing complex hardware abstraction layers in embedded telephony systems.

Top products by oFono: oFono
CVE IDTitleCVSSSeverityPublished
CVE-2024-7547 oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability — oFonoCWE-121 8.4 -2024-08-05
CVE-2024-7546 oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability — oFonoCWE-122 8.4 -2024-08-05
CVE-2024-7545 oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability — oFonoCWE-122 8.4 -2024-08-05
CVE-2024-7544 oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability — oFonoCWE-122 8.4 -2024-08-05
CVE-2024-7543 oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability — oFonoCWE-122 8.4 -2024-08-05
CVE-2024-7542 oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability — oFonoCWE-457 6.2 -2024-08-05
CVE-2024-7541 oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability — oFonoCWE-457 6.2 -2024-08-05
CVE-2024-7540 oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability — oFonoCWE-457 6.2 -2024-08-05
CVE-2024-7539 oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability — oFonoCWE-121 8.4 -2024-08-05
CVE-2024-7538 oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability — oFonoCWE-121 7.8 -2024-08-05
CVE-2024-7537 oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability — oFonoCWE-125 6.2 -2024-08-05

This page lists every published CVE security advisory associated with oFono. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.