81 matches found
EUVD-2026-33696
FlexRIC v2.0.0 uses hardcoded assertions to validate Information Element IE counts in decoded E2AP messages. A remote unauthenticated attacker can send a valid E2AP PDU containing an unexpected number of IEs e.g., an E2setupRequest with extra optional fields to crash the near-RT RIC port 36421 or...
CVE-2026-37222
FlexRIC v2.0.0 uses hardcoded assertions to validate Information Element IE counts in decoded E2AP messages. A remote unauthenticated attacker can send a valid E2AP PDU containing an unexpected number of IEs e.g., an E2setupRequest with extra optional fields to crash the near-RT RIC port 36421 or...
CVE-2026-37222
FlexRIC v2.0.0 contains a vulnerability where the stack asserts exact Information Element (IE) counts in decoded E2AP messages instead of validating against protocol ranges. An unauthenticated remote attacker can send a valid E2AP PDU (for example, an E2setupRequest with extra optional fields) th...
CVE-2026-37222
FlexRIC v2.0.0 uses hardcoded assertions to validate Information Element IE counts in decoded E2AP messages. A remote unauthenticated attacker can send a valid E2AP PDU containing an unexpected number of IEs e.g., an E2setupRequest with extra optional fields to crash the near-RT RIC port 36421 or...
FlexRIC security vulnerabilities
FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability arises from the use of hardcoded assertions to verify the count of information elements in E2AP messages, rather than using the protocol-specifi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: cfg80211: Fixed an issue where out-of-bounds access occurred during the multi-link element defragmentation process. Currently, during the multi-link element defragmentation process, the length of the multi-link element is...
SUSE CVE-2026-33907
Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS message missing IEs. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all...
GO-2026-4872 Ella Core Panics during NAS Authentication Response/Failure with missing IEs in github.com/ellanetworks/core
Ella Core Panics during NAS Authentication Response/Failure with missing IEs in github.com/ellanetworks/core...
PT-2026-29927
Ella Core Panics during NAS Authentication Response/Failure with missing IEs in github.com/ellanetworks/core...
CVE-2026-33907
Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS message missing IEs. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the process handling NAS Authentication Response and Authentication Failure messages with missing IEs. An attacker can cause a crash of the service by sending specially crafted NAS messages without required...
CVE-2026-33907
Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS message missing IEs. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all...
CVE-2026-33907 Ella Core Panics during NAS Authentication Response/Failure with missing IEs
Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS message missing IEs. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all...
CVE-2026-33907
Ella Core (private 5G core) vulnerability CVE-2026-33907: versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS messages missing IEs, allowing an attacker to crash the process by sending crafted NAS messages without authentication. This leads to serv...
CVE-2026-33907 Ella Core Panics during NAS Authentication Response/Failure with missing IEs
Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS message missing IEs. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all...
CVE-2026-33907 Ella Core Panics during NAS Authentication Response/Failure with missing IEs
Ella Core is a 5G core designed for private networks. Versions prior to 1.7.0 panic when processing Authentication Response and Authentication Failure NAS message missing IEs. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all...
Ella Core Panics during NAS Authentication Response/Failure with missing IEs
Summary Ella Core panics when processing Authentication Response and Authentication Failure NAS message missing IEs. Impact An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all connected subscribers. No authentication is required. Fi...
PT-2026-28565
Name of the Vulnerable Software and Affected Versions Ella Core versions prior to 1.7.0 Description Ella Core, a 5G core designed for private networks, experiences a panic when processing Authentication Response and Authentication Failure NAS messages lacking Information Elements IEs. An attacker...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003599)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003599 advisory. A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiexuapparsetailies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memo...
wifi: mac80211: increase scan_ies_len for S1G
...