CVE-2023-2794

8.1 HIGH

📋 TL;DR

CVE-2023-2794 is a stack overflow vulnerability in ofono's SMS decoding function that allows remote code execution. It affects Linux systems using ofono for telephony services. Attackers could exploit this via SMS messages, compromised modems, or malicious base stations.

💻 Affected Systems

Products:
  • ofono
Versions: All versions before the fix
Operating Systems: Linux distributions using ofono
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with ofono enabled for SMS handling, common in mobile/embedded Linux devices

⚠️ Risk & Real-World Impact

🔴 Worst Case: Full system compromise with root privileges leading to data theft, persistence, or device takeover

🟠 Likely Case: Remote code execution with ofono process privileges leading to service disruption or lateral movement

🟢 If Mitigated: Denial of service if exploit fails or is blocked by network controls

🌐 Internet-Facing: MEDIUM - Requires SMS delivery or modem access, not directly internet-exposed
🏢 Internal Only: HIGH - Internal SMS systems or compromised modems could trigger exploitation

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires SMS delivery capability or modem access; no public exploit code known

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check distribution-specific updates

Vendor Advisory: https://bugzilla.redhat.com/show_bug.cgi?id=2255387

Restart Required: Yes

Instructions:

1. Update ofono package via distribution package manager
2. Restart ofono service or reboot system
3. Verify patch applied

🔧 Temporary Workarounds

Disable SMS processing (Linux)

Temporarily disable SMS message processing in ofono configuration

systemctl stop ofono
Edit /etc/ofono/*.conf to disable SMS features

Network filtering (all platforms)

Block SMS messages at network level if possible

🧯 If You Can't Patch

  • Isolate affected systems from SMS-capable networks
  • Implement strict network segmentation for telephony components

🔍 How to Verify

Check if Vulnerable:

Check ofono version and compare with patched versions from distribution advisories

Check Version:

ofonod --version 2>/dev/null || rpm -q ofono 2>/dev/null || dpkg -l | grep ofono

Verify Fix Applied:

Verify ofono package version matches patched version from vendor

📡 Detection & Monitoring

Log Indicators:

  • ofono crash logs
  • SMS processing errors
  • segmentation faults in ofono process

Network Indicators:

  • Unusual SMS traffic patterns
  • SMS from unexpected sources

SIEM Query:

process:ofonod AND (event:crash OR event:segfault)
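
The log indicators above, as an added example (not part of the original advisory or the ofono project): a filter that classifies ofonod crash evidence in syslog or journal text. It also matches the glibc stack-protector abort, because a build with stack canaries dies on SIGABRT rather than a segfault when a stack buffer is overrun, which a segfault-only query misses. The sample log lines, host name and PIDs are constructed.

```shell
#!/bin/sh
# Classify ofonod crash indicators. Reads log text on stdin and prints
# "<class><TAB><original line>" for every matching line.
ofono_crash_scan() {
    awk '
        # Kernel report of a faulting ofonod process
        /ofonod\[[0-9]+\]: segfault at / { print "segfault\t" $0; next }
        # glibc stack-protector abort written by ofonod to its stderr
        /ofonod/ && /stack smashing detected/ { print "stack-canary\t" $0; next }
        # systemd recording that the service died on SIGSEGV or SIGABRT
        /ofono\.service: Main process exited/ && /status=(11\/SEGV|6\/ABRT)/ {
            print "service-killed\t" $0; next
        }
    '
}

# Constructed sample input: two benign lines followed by four crash indicators.
sample_log() {
cat <<'EOF'
Jan 10 03:10:01 gw1 systemd[1]: ofono.service: Deactivated successfully.
Jan 10 03:11:30 gw1 kernel: modem-helper[99]: segfault at 10 ip 000055aa00001234 sp 00007ffc00001000 error 4 in modem-helper[55aa00000000+2000]
Jan 10 03:14:02 gw1 kernel: ofonod[812]: segfault at 7ffe2b1c0ff8 ip 000055d0c8a4f1b2 sp 00007ffe2b1c1000 error 6 in ofonod[55d0c8a00000+120000]
Jan 10 03:14:02 gw1 systemd[1]: ofono.service: Main process exited, code=dumped, status=11/SEGV
Jan 10 04:20:17 gw1 ofonod[977]: *** stack smashing detected ***: terminated
Jan 10 04:20:17 gw1 systemd[1]: ofono.service: Main process exited, code=dumped, status=6/ABRT
EOF
}

# Stand-alone run over the constructed sample
sample_log | ofono_crash_scan
```

On a real host, pipe exported syslog or journal text into `ofono_crash_scan` instead of `sample_log`.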
