漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Session Report Response that is missing the mandatory Cause Information Element, the session report handler dereferences a nil pointer instead of rejecting the malformed message. This triggers a panic and terminates the UPF process. An attacker who can send PFCP Session Report Response messages to the UPF's N4/PFCP endpoint can exploit this flaw to repeatedly crash the UPF and disrupt user-plane services.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
UPF 安全漏洞
Vulnerability Description
UPF是Aether SD-Core Project开源的一个用户界面。 UPF upf-epc-pfcpiface:2.1.3-dev版本存在安全漏洞,该漏洞源于处理缺少原因信息元素的PFCP会话报告响应时取消引用空指针,可能导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A