6 matches found
CVE-2023-36998
The NextEPC MME = 1.0.1 fixed in commit a8492c9c5bc0a66c6999cb5a263545b32a4109df contains a stack-based buffer overflow vulnerability in the Emergency Number List decoding method. An attacker may send a NAS message containing an oversized Emergency Number List value to the MME to overwrite the...
CVE-2023-36998
The NextEPC MME = 1.0.1 fixed in commit a8492c9c5bc0a66c6999cb5a263545b32a4109df contains a stack-based buffer overflow vulnerability in the Emergency Number List decoding method. An attacker may send a NAS message containing an oversized Emergency Number List value to the MME to overwrite the...
CVE-2023-36998
The NextEPC MME = 1.0.1 fixed in commit a8492c9c5bc0a66c6999cb5a263545b32a4109df contains a stack-based buffer overflow vulnerability in the Emergency Number List decoding method. An attacker may send a NAS message containing an oversized Emergency Number List value to the MME to overwrite the...
CVE-2023-36998
The NextEPC MME = 1.0.1 fixed in commit a8492c9c5bc0a66c6999cb5a263545b32a4109df contains a stack-based buffer overflow vulnerability in the Emergency Number List decoding method. An attacker may send a NAS message containing an oversized Emergency Number List value to the MME to overwrite the...
CVE-2023-36998
The CVE-2023-36998 entry concerns NextEPC MME
NextEPC MME 安全漏洞
NextEPC MME is an open source implementation of NextEPC's 4G/5G 3GPP core network. A security vulnerability exists in NextEPC MME 1.0.1 and prior versions, which stems from a heap buffer overflow in Emergency Number List decoding that allows an attacker to overwrite the stack by sending a special...