Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Open5GS AMF npcf-build.c amf_nsmf_pdusession_build_create_sm_context denial of service
Vulnerability Description
A vulnerability was identified in Open5GS up to 2.7.5. Affected by this vulnerability is the function amf_npcf_am_policy_control_build_create/amf_nsmf_pdusession_build_create_sm_context of the file src/amf/npcf-build.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The patch is named cf63dd63197bf61a4b041aa364ba6a6199ab15e4. It is recommended to upgrade the affected component.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
不恰当的资源关闭或释放
Vulnerability Title
Open5GS 安全漏洞
Vulnerability Description
Open5GS是Open5GS开源的一个 5G Core 和 Epc 的 C 语言开源实现,即 Lte/Nr 网络的核心网络。 Open5GS 2.7.5及之前版本存在安全漏洞,该漏洞源于文件src/amf/npcf-build.c中函数amf_npcf_am_policy_control_build_create/amf_nsmf_pdusession_build_create_sm_context导致拒绝服务,可能导致远程攻击。
CVSS Information
N/A
Vulnerability Type
N/A