# [PCF] Memory Leak via CORS Middleware Registration in HTTP Handler Leads to Denial of Service ## Vulnerability Overview In the PCF (Policy Control Function) of free5GC, there is a memory leak vulnerability. An attacker, without authentication, can simply access the PCF SBI interface over the network and send repeated HTTP requests to the OAM endpoint, causing uncontrolled memory growth. **Technical Details:** * **Trigger Point:** The `use()` method of the root router registers a new CORS middleware internally. * **Cause:** In the Gin framework, `router.use()` is not idempotent. It does not replace existing middleware but appends a new instance to the router’s internal middleware slice each time it is called. * **Consequence:** As requests increase, Gin executes more and more instances of the CORS middleware, leading to permanent memory growth, eventually exhausting memory and resulting in a denial of service (DoS). ## Impact Scope * **Affected Versions:** free5GC /dev/null & $((i % 100)) -eq 0 && wait && echo "[*] $i req sent" done wait ```