CVE-2025-56568

Assertion failure vulnerability in the PCO Protocol Configuration Options parser in the SMF Session Management Function component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol...

CVE-2025-56568

Assertion failure vulnerability in the PCO Protocol Configuration Options parser in the SMF Session Management Function component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol...

PT-2026-36167

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.5 Description An assertion failure in the PCO Protocol Configuration Options parser within the SMF Session Management Function component allows remote attackers to cause a denial of service. This occurs when the...

CVE-2026-30078

OpenAirInterface V2.2.0 AMF crashes when it receives an NGAP message with invalid procedure code or invalid PDU-type. For example when the message specification requires InitiatingMessage but sent with successfulOutcome...

SUSE CVE-2026-32320

Ella Core is a 5G core designed for private networks. Prior to 1.5.1, Ella Core panics when processing a PathSwitchRequest containing UE Security Capabilities with zero-length NR encryption or integrity protection algorithm bitstrings, resulting in a denial of service. An attacker able to send...

PT-2026-26467

Ella Core is a 5G core designed for private networks. Versions prior to 1.6.0 panic when processing NGAP messages with invalid PDU Session IDs outside of 1-15. An attacker able to send crafted NGAP messages to Ella Core can crash the process, causing service disruption for all connected...

Ella Core 缓冲区错误漏洞

Ella Core is an open-source solution developed by Ella Networks for use in private networks as a 5G core network solution. Versions of Ella Core prior to 1.5.1 contained a buffer error vulnerability. This vulnerability stemmed from a kernel crash that occurred when processing PathSwitchRequest...

CVE-2026-32320

Ella Core is a 5G core designed for private networks. Prior to 1.5.1, Ella Core panics when processing a PathSwitchRequest containing UE Security Capabilities with zero-length NR encryption or integrity protection algorithm bitstrings, resulting in a denial of service. An attacker able to send...

CVE-2024-24445

OpenAirInterface CN5G AMF oai-cn5g-amf = 2.0.0 contains a null dereference in its handling of unsupported NGAP protocol messages which allows an attacker with network-adjacent access to the AMF to carry out denial of service. When a procedure code/presence field tuple is received that is...

CVE-2024-24445

OpenAirInterface CN5G AMF oai-cn5g-amf = 2.0.0 contains a null dereference in its handling of unsupported NGAP protocol messages which allows an attacker with network-adjacent access to the AMF to carry out denial of service. When a procedure code/presence field tuple is received that is...