Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Open5GS FAR-ID handler.c ogs_pfcp_handle_create_pdr null pointer dereference
Vulnerability Description
A flaw has been found in Open5GS up to 2.7.5. This impacts the function ogs_pfcp_handle_create_pdr in the library lib/pfcp/handler.c of the component FAR-ID Handler. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is said to be difficult. The exploit has been published and may be used. This patch is called 93a9fd98a8baa94289be3b982028201de4534e32. It is advisable to implement a patch to correct this issue.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
空指针解引用
Vulnerability Title
Open5GS 代码问题漏洞
Vulnerability Description
Open5GS是Open5GS开源的一个 5G Core 和 Epc 的 C 语言开源实现,即 Lte/Nr 网络的核心网络。 Open5GS 2.7.5及之前版本存在代码问题漏洞,该漏洞源于FAR-ID Handler组件中函数ogs_pfcp_handle_create_pdr的错误操作,可能导致空指针取消引用。
CVSS Information
N/A
Vulnerability Type
N/A