UBUNTU-CVE-2024-47079

Source
https://ubuntu.com/security/CVE-2024-47079
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-47079.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2024-47079
Related
  • CVE-2024-47079
Published
2024-10-07T20:15:00Z
Modified
2025-01-13T10:26:19Z
Summary
[none]
Details

Meshtastic is an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic firmware is an open source firmware implementation for the broader project. The remote hardware module of the firmware does not have proper checks to ensure a remote hardware control message was received should be considered valid. This issue has been addressed in release version 2.5.1. All users are advised to upgrade. There are no known workarounds for this vulnerability.

References

Affected packages

Ubuntu:24.10 / meshtastic

Package

Name
meshtastic
Purl
pkg:deb/ubuntu/meshtastic@2.3.14-2?arch=source&distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.3.12-1
2.3.14-1
2.3.14-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}