CVE-2025-8805 Open5GS SMF gsm-sm.c smf_gsm_state_wait_pfcp_deletion denial of service

🗓️ 10 Aug 2025 10:32:08Reported by VulDBType

Open5GS SMF DoS via smf_gsm_state_wait_pfcp_deletion; remote; affects 2.7.5; upgrade 2.7.6

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-8805	10 Aug 202515:16	–	circl
CNNVD	Open5GS 安全漏洞	10 Aug 202500:00	–	cnnvd
CNVD	Open5GS Denial of Service Vulnerability (CNVD-2025-18569)	15 Aug 202500:00	–	cnvd
CVE	CVE-2025-8805	10 Aug 202510:32	–	cve
EUVD	EUVD-2025-24087	3 Oct 202520:07	–	euvd
NVD	CVE-2025-8805	10 Aug 202511:15	–	nvd
Positive Technologies	PT-2025-32479 · Open5Gs · Open5Gs	10 Aug 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-8805	12 Aug 202511:25	–	redhatcve
Vulnrichment	CVE-2025-8805 Open5GS SMF gsm-sm.c smf_gsm_state_wait_pfcp_deletion denial of service	10 Aug 202510:32	–	vulnrichment

[
  {
    "vendor": "n/a",
    "product": "Open5GS",
    "versions": [
      {
        "version": "2.7.0",
        "status": "affected"
      },
      {
        "version": "2.7.1",
        "status": "affected"
      },
      {
        "version": "2.7.2",
        "status": "affected"
      },
      {
        "version": "2.7.3",
        "status": "affected"
      },
      {
        "version": "2.7.4",
        "status": "affected"
      },
      {
        "version": "2.7.5",
        "status": "affected"
      },
      {
        "version": "2.7.6",
        "status": "unaffected"
      }
    ],
    "modules": [
      "SMF"
    ]
  }
]

Source	Link
github	www.github.com/open5gs/open5gs/issues/4000
github	www.github.com/open5gs/open5gs/issues/4000
github	www.github.com/open5gs/open5gs/commit/c58b8f081986aaf2a312d73a0a17985518b47fe6
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/user-attachments/files/21229739/smf_crash.zip
github	www.github.com/ZHENGHAOHELLO/BugReport
github	www.github.com/open5gs/open5gs/releases/tag/v2.7.6
vuldb	www.vuldb.com/

15 Aug 2025 13:44Current

CVSS 25

CVSS 3.15.3

CVSS 35.3

CVSS 46.9

EPSS0.01386

CWE-404

open5gs; session management function; denial of service; version 2.7.5; upgrade 2.7.6; patch id c58b8f081986aaf2a312d73a0a17985518b47fe6