CVE-2023-4232

8.1 HIGH

📋 TL;DR

CVE-2023-4232 is a stack overflow vulnerability in ofono's SMS decoding function that allows remote code execution. Attackers can exploit this via SMS messages, compromised modems, or malicious base stations. This affects Linux systems running vulnerable versions of ofono telephony software.

💻 Affected Systems

Products:
  • ofono
Versions: All versions before the fix
Operating Systems: Linux distributions using ofono
Default Config Vulnerable: ⚠️ Yes
Notes: Systems with SMS functionality enabled via ofono are vulnerable. Embedded/IoT devices using ofono for telephony are particularly at risk.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise, privilege escalation, and potential lateral movement within affected networks.

🟠 Likely Case

Denial of service (crash) of ofono service, potentially disrupting telephony/SMS functionality on affected systems.

🟢 If Mitigated

Limited impact if SMS functionality is disabled or network segmentation prevents malicious SMS delivery.

🌐 Internet-Facing: MEDIUM - Requires SMS delivery capability or modem access, not directly internet-exposed but can be reached via telephony networks.
🏢 Internal Only: MEDIUM - Internal systems with SMS capabilities or modem connections could be vulnerable to targeted attacks.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires sending specially crafted SMS messages or compromising modem/base station. No public exploit code known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check distribution-specific updates (Fedora, RHEL, etc.)

Vendor Advisory: https://bugzilla.redhat.com/show_bug.cgi?id=2255394

Restart Required: Yes

Instructions:

1. Update the ofono package via your distribution's package manager.
2. For Fedora/RHEL: 'sudo dnf update ofono'.
3. Restart the ofono service: 'sudo systemctl restart ofono'.

🔧 Temporary Workarounds

Disable SMS functionality

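Platform: Linux

Stop and disable the ofono service if it is not required. This halts SMS message processing together with the rest of the telephony functionality the service provides.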

sudo systemctl stop ofono
sudo systemctl disable ofono

🧯 If You Can't Patch

  • Implement network segmentation to isolate systems with SMS capabilities
  • Deploy SMS filtering/gateway solutions to block malicious SMS messages

🔍 How to Verify

Check if Vulnerable:

Check ofono version: 'ofonod --version' or 'rpm -q ofono' (RHEL/Fedora) or 'dpkg -l ofono' (Debian/Ubuntu)

Check Version:

ofonod --version 2>/dev/null || rpm -q ofono || dpkg -l ofono | grep ofono

Verify Fix Applied:

Verify updated version is installed and ofono service is running without crashes

📡 Detection & Monitoring

Log Indicators:

  • ofono service crashes
  • segmentation faults in ofono logs
  • unusual SMS processing errors

Network Indicators:

  • Unusual SMS traffic patterns
  • SMS messages with malformed headers

SIEM Query:

process.name: "ofonod" AND (event.action: "crashed" OR event.outcome: "failure")
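A host-side counterpart to the log indicators and SIEM query above, as an added example that is not part of the original page or of the ofono project. It tallies ofonod crash indicators in log text read from stdin; the two log-line patterns (kernel segfault notice, systemd unit exit) and the sample log are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise ofonod crash indicators found in log text on stdin.
# Assumed log shapes on a systemd-based Linux host (adjust for your distro):
#   kernel:  "ofonod[PID]: segfault at ..."
#   systemd: "ofono.service: Main process exited, code=dumped|killed, status=N/SIG"
# Typical use:  journalctl --since yesterday --no-pager | ofono_crash_summary

ofono_crash_summary() {
    # Counts each indicator type separately, because one crash usually
    # produces both a kernel line and a systemd line.
    awk '
        /ofonod\[[0-9]+\]: segfault at / { seg++ }
        /ofono\.service: Main process exited, code=(dumped|killed), status=[0-9]+\/(SEGV|ABRT|BUS)/ { svc++ }
        END { printf "kernel_segfault=%d service_crash=%d\n", seg, svc }
    '
}

ofono_crash_seen() {
    # Exit status 0 if stdin contains at least one indicator, 1 otherwise.
    summary=$(ofono_crash_summary)
    [ "$summary" != "kernel_segfault=0 service_crash=0" ]
}

sample_log() {
    # Constructed sample lines; host name, PIDs and addresses are made up.
    cat <<'EOF'
Jan 10 09:14:02 gw01 systemd[1]: Started Telephony service.
Jan 10 09:20:41 gw01 kernel: ofonod[812]: segfault at 7ffc2a3f1000 ip 000055d0c0a1b2c3 sp 00007ffc2a3f0f80 error 6 in ofonod[55d0c09f0000+120000]
Jan 10 09:20:41 gw01 systemd[1]: ofono.service: Main process exited, code=dumped, status=11/SEGV
Jan 10 09:20:41 gw01 systemd[1]: ofono.service: Failed with result 'core-dump'.
Jan 10 09:21:10 gw01 sshd[2201]: Accepted publickey for admin from 192.0.2.10 port 50122 ssh2
EOF
}

# Run the summary over the constructed sample when called with --demo.
if [ "${1:-}" = "--demo" ]; then
    sample_log | ofono_crash_summary
fi
```

A non-zero count is a reason to check the installed ofono package against the distribution's fixed build; a crash alone does not establish that this CVE was the cause.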
