Open5GS 安全漏洞

Open5GS is an Open5GS open source C open source implementation of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.7.5 and earlier, which originates from a vulnerability in the function decodeipv6header/ogspfcppdr in the file...

CVE-2025-14953

A flaw has been found in Open5GS up to 2.7.5. This impacts the function ogspfcphandlecreatepdr in the library lib/pfcp/handler.c of the component FAR-ID Handler. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The attack requires a high leve...

CVE-2025-14954

A vulnerability has been found in Open5GS up to 2.7.6. Affected is the function ogspfcppdrfindoradd/ogspfcpfarfindoradd/ogspfcpurrfindoradd/ogspfcpqerfindoradd in the library lib/pfcp/context.c of the component QER/FAR/URR/PDR. The manipulation leads to reachable assertion. It is possible to...

CVE-2025-14955

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ogspfcphandlecreatepdr in the library lib/pfcp/handler.c of the component PFCP. The manipulation results in improper initialization. It is possible to launch the attack remotely. This attack is...

CVE-2025-14955

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ogspfcphandlecreatepdr in the library lib/pfcp/handler.c of the component PFCP. The manipulation results in improper initialization. It is possible to launch the attack remotely. This attack is...

EUVD-2025-204568

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ogspfcphandlecreatepdr in the library lib/pfcp/handler.c of the component PFCP. The manipulation results in improper initialization. It is possible to launch the attack remotely. This attack is...

CVE-2025-14955 Open5GS PFCP handler.c ogs_pfcp_handle_create_pdr initialization

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ogspfcphandlecreatepdr in the library lib/pfcp/handler.c of the component PFCP. The manipulation results in improper initialization. It is possible to launch the attack remotely. This attack is...

CVE-2025-14955

Open5GS up to 2.7.5 is affected by a PFCP component issue: ogs_pfcp_handle_create_pdr in lib/pfcp/handler.c can cause improper initialization. The vulnerability allows remote launching and is noted as high complexity, with exploits public. A patch is available (commit 773117aa5472af26fc9f80e608d3...

CVE-2025-14955 Open5GS PFCP handler.c ogs_pfcp_handle_create_pdr initialization

A vulnerability was found in Open5GS up to 2.7.5. Affected by this vulnerability is the function ogspfcphandlecreatepdr in the library lib/pfcp/handler.c of the component PFCP. The manipulation results in improper initialization. It is possible to launch the attack remotely. This attack is...

CVE-2025-14954

A vulnerability has been found in Open5GS up to 2.7.6. Affected is the function ogspfcppdrfindoradd/ogspfcpfarfindoradd/ogspfcpurrfindoradd/ogspfcpqerfindoradd in the library lib/pfcp/context.c of the component QER/FAR/URR/PDR. The manipulation leads to reachable assertion. It is possible to...

CVE-2025-14954

A vulnerability has been found in Open5GS up to 2.7.6. Affected is the function ogspfcppdrfindoradd/ogspfcpfarfindoradd/ogspfcpurrfindoradd/ogspfcpqerfindoradd in the library lib/pfcp/context.c of the component QER/FAR/URR/PDR. The manipulation leads to reachable assertion. It is possible to...

CVE-2025-14953

A flaw has been found in Open5GS up to 2.7.5. This impacts the function ogspfcphandlecreatepdr in the library lib/pfcp/handler.c of the component FAR-ID Handler. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The attack requires a high leve...

CVE-2025-14953

A flaw has been found in Open5GS up to 2.7.5. This impacts the function ogspfcphandlecreatepdr in the library lib/pfcp/handler.c of the component FAR-ID Handler. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The attack requires a high leve...

EUVD-2025-204569

A vulnerability has been found in Open5GS up to 2.7.5. Affected is the function ogspfcppdrfindoradd/ogspfcpfarfindoradd/ogspfcpurrfindoradd/ogspfcpqerfindoradd in the library lib/pfcp/context.c of the component QER/FAR/URR/PDR. The manipulation leads to reachable assertion. It is possible to...

CVE-2025-14954 Open5GS QER/FAR/URR/PDR context.c ogs_pfcp_qer_find_or_add assertion

A vulnerability has been found in Open5GS up to 2.7.6. Affected is the function ogspfcppdrfindoradd/ogspfcpfarfindoradd/ogspfcpurrfindoradd/ogspfcpqerfindoradd in the library lib/pfcp/context.c of the component QER/FAR/URR/PDR. The manipulation leads to reachable assertion. It is possible to...

CVE-2025-14954 Open5GS QER/FAR/URR/PDR context.c ogs_pfcp_qer_find_or_add assertion

A vulnerability has been found in Open5GS up to 2.7.6. Affected is the function ogspfcppdrfindoradd/ogspfcpfarfindoradd/ogspfcpurrfindoradd/ogspfcpqerfindoradd in the library lib/pfcp/context.c of the component QER/FAR/URR/PDR. The manipulation leads to reachable assertion. It is possible to...

CVE-2025-14954

Open5GS up to 2.7.6 is affected by an assertion-triggering flaw in the QER/FAR/URR/PDR context (lib/pfcp/context.c): ogs_pfcp_pdr_find_or_add/ogs_pfcp_far_find_or_add/ogs_pfcp_urr_find_or_add/ogs_pfcp_qer_find_or_add. The issue allows remote initiation and is triggered by manipulating these PFCP ...

CVE-2025-14953

Open5GS up to 2.7.5 contains a null pointer dereference in the FAR-ID Handler, specifically in ogs_pfcp_handle_create_pdr (lib/pfcp/handler.c). The vulnerability can be exploited remotely and is described as high complexity to exploit, with exploitation already published. A patch identified as 93...

CVE-2025-14953 Open5GS FAR-ID handler.c ogs_pfcp_handle_create_pdr null pointer dereference

A flaw has been found in Open5GS up to 2.7.5. This impacts the function ogspfcphandlecreatepdr in the library lib/pfcp/handler.c of the component FAR-ID Handler. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The attack requires a high leve...

EUVD-2025-204566

A flaw has been found in Open5GS up to 2.7.5. This impacts the function ogspfcphandlecreatepdr in the library lib/pfcp/handler.c of the component FAR-ID Handler. Executing manipulation can lead to null pointer dereference. The attack may be performed from remote. The attack requires a high level ...