Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ella Core panics when processing a crafted NGAP LocationReport message
Vulnerability Description
Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing a specially crafted NGAP LocationReport message. An attacker able to send crafted NGAP messages to Ella Core can crash the process, causing service disruption for all connected subscribers. Version 1.7.0 adds guards in NGAP Location Report handler.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
空指针解引用
Vulnerability Title
Ella Core 代码问题漏洞
Vulnerability Description
Ella Core是Ella Networks开源的一个用于私有网络的5G核心网解决方案。 Ella Core 1.7.0之前版本存在代码问题漏洞,该漏洞源于处理特制NGAP LocationReport消息时发生内核崩溃,可能导致攻击者使进程崩溃,造成所有连接用户的服务中断。
CVSS Information
N/A
Vulnerability Type
N/A