Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ella Core panics on malformed ULNASTransport Message without a Request Type
Vulnerability Description
Ella Core is a 5G core designed for private networks. Versions prior to 1.6.0 panic when processing malformed UL NAS Transport NAS messages without a Request Type. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all connected subscribers. No authentication is required. Version 1.6.0 adds a guard when receiving an UL NAS Message without a Request Type given no SM Context.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
空指针解引用
Vulnerability Title
Ella Core 代码问题漏洞
Vulnerability Description
Ella Core是Ella Networks开源的一个用于私有网络的5G核心网解决方案。 Ella Core 1.6.0之前版本存在代码问题漏洞,该漏洞源于处理缺少Request Type的格式错误UL NAS传输NAS消息时发生内核崩溃,可能导致服务中断。
CVSS Information
N/A
Vulnerability Type
N/A