CVE-2023-4233 - Vulnerability Details - OpenCVE

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fedoraproject	Fedora
Ofono Project	Ofono

Configuration 1 [-]

cpe:2.3:a:ofono_project:ofono:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:fedoraproject:fedora:38:::::::*
	cpe:2.3:o:fedoraproject:fedora:39:::::::*
	cpe:2.3:o:fedoraproject:fedora:40:::::::*

No data.

References

Link	Providers
https://bugzilla.redhat.com/show_bug.cgi?id=2255396

History

Thu, 07 Aug 2025 14:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Fedoraproject Fedoraproject fedora Ofono Project Ofono Project ofono
CPEs		cpe:2.3:a:ofono_project:ofono:::::::: cpe:2.3:o:fedoraproject:fedora:38:::::::* cpe:2.3:o:fedoraproject:fedora:39:::::::* cpe:2.3:o:fedoraproject:fedora:40:::::::*
Vendors & Products		Fedoraproject Fedoraproject fedora Ofono Project Ofono Project ofono

MITRE

Status: PUBLISHED

Assigner: fedora

Published: 2024-04-17T22:50:49.698Z

Updated: 2024-08-02T07:24:03.573Z

Reserved: 2023-08-08T08:02:24.411Z

Link: CVE-2023-4233

Vulnrichment

Updated: 2024-08-02T07:24:03.573Z

NVD

Status : Analyzed

Published: 2024-04-17T23:15:07.163

Modified: 2025-08-07T13:48:52.473

Link: CVE-2023-4233

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4233", "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "state": "PUBLISHED", "assignerShortName": "fedora", "dateReserved": "2023-08-08T08:02:24.411Z", "datePublished": "2024-04-17T22:50:49.698Z", "dateUpdated": "2024-08-02T07:24:03.573Z"}, "containers": {"cna": {"title": "Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the sms_decode_address_field() function", "metrics": [{"other": {"content": {"value": "Important", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS."}], "affected": [{"product": "ofono", "vendor": "n/a", "versions": [{"version": "2.1", "status": "unaffected"}]}, {"product": "Fedora", "vendor": "Fedora", "collectionURL": "https://packages.fedoraproject.org/", "packageName": "ofono", "defaultStatus": "affected"}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255396", "name": "RHBZ#2255396", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2023-12-20T00:00:00+00:00", "problemTypes": [{"descriptions": [{"cweId": "CWE-119", "description": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer", "timeline": [{"lang": "en", "time": "2023-12-20T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-12-20T00:00:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Mitch Zakocs (Trend Micro Zero Day Initiative) for reporting this issue."}], "providerMetadata": {"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora", "dateUpdated": "2024-04-17T22:50:49.698Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-4233", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-22T19:33:03.801176Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:ofono_project:ofono:2.1:*:*:*:*:*:*:*"], "vendor": "ofono_project", "product": "ofono", "versions": [{"status": "affected", "version": "2.1"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:27:14.308Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:24:03.573Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255396", "name": "RHBZ#2255396", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255396", "name": "RHBZ#2255396", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:24:03.573Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-4233", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-22T19:33:03.801176Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:ofono_project:ofono:2.1:*:*:*:*:*:*:*"], "vendor": "ofono_project", "product": "ofono", "versions": [{"status": "affected", "version": "2.1"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-22T19:32:47.114Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the sms_decode_address_field() function", "credits": [{"lang": "en", "value": "Red Hat would like to thank Mitch Zakocs (Trend Micro Zero Day Initiative) for reporting this issue."}], "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Important", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "n/a", "product": "ofono", "versions": [{"status": "unaffected", "version": "2.1"}]}, {"vendor": "Fedora", "product": "Fedora", "packageName": "ofono", "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2023-12-20T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-12-20T00:00:00+00:00", "value": "Made public."}], "datePublic": "2023-12-20T00:00:00+00:00", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255396", "name": "RHBZ#2255396", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "descriptions": [{"lang": "en", "value": "A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "providerMetadata": {"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora", "dateUpdated": "2024-04-17T22:50:49.698Z"}, "x_redhatCweChain": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer"}}, "cveMetadata": {"cveId": "CVE-2023-4233", "state": "PUBLISHED", "dateUpdated": "2024-08-02T07:24:03.573Z", "dateReserved": "2023-08-08T08:02:24.411Z", "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "datePublished": "2024-04-17T22:50:49.698Z", "assignerShortName": "fedora"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ofono_project:ofono:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9E3838F-EBD0-4FAD-BC50-A1A6AF787F58", "versionEndExcluding": "2.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", "matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en ofono, una telefon\u00eda de c\u00f3digo abierto en Linux. Se activa un error de desbordamiento de pila dentro de la funci\u00f3n sms_decode_address_field() durante la decodificaci\u00f3n de la PDU de SMS. Se supone que se puede acceder al escenario del ataque desde un m\u00f3dem comprometido, una estaci\u00f3n base maliciosa o simplemente un SMS."}], "id": "CVE-2023-4233", "lastModified": "2025-08-07T13:48:52.473", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "patrick@puiterwijk.org", "type": "Secondary"}]}, "published": "2024-04-17T23:15:07.163", "references": [{"source": "patrick@puiterwijk.org", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255396"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255396"}], "sourceIdentifier": "patrick@puiterwijk.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "patrick@puiterwijk.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-119"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}