CVE-2025-14953 Open5GS FAR-ID handler.c ogs_pfcp_handle_create_pdr null pointer dereference

A flaw has been found in Open5GS up to 2.7.5. This impacts the function ogspfcphandlecreatepdr in the library lib/pfcp/handler.c of the component FAR-ID Handler. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The attack requires a high leve...

CVE-2025-14953

A flaw has been found in Open5GS up to 2.7.5. This impacts the function ogspfcphandlecreatepdr in the library lib/pfcp/handler.c of the component FAR-ID Handler. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The attack requires a high leve...

CVE-2025-65559

An issue was discovered in Open5GS 2.7.5-49-g465e90f, when processing a PFCP Session Establishment Request type=50, the UPF crashes with a reachable assertion in lib/pfcp/context.c ogspfcpobjectteidhashset if the CreatePDR?PDI?F-TEID has CH=1 and the F-TEID address-family flags IPv4/IPv6 do not...

PT-2025-52490

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.5 Description A flaw exists within Open5GS, specifically in the ogs pfcp handle create pdr function located in the lib/pfcp/handler.c library of the PFCP component. This issue involves improper initialization and...

Open5GS 安全漏洞

Open5GS is an Open5GS open source C open source implementation of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.7.5 and earlier, which stems from a misbehavior of the function ogspfcphandlecreatepdr in the PFCP component, which could...

Open5GS 安全漏洞

Open5GS is an Open5GS open source C open source implementation of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.7.5 and earlier, which stems from a misbehavior of the function ogspfcppdrfindoradd in the QER/FAR/URR/PDR component, whi...

Open5GS 代码问题漏洞

Open5GS is an Open5GS open source C open source implementation of 5G Core and Epc, the core network of the Lte/Nr network. A code issue vulnerability exists in Open5GS version 2.7.5 and earlier, which stems from misbehavior of the function ogspfcphandlecreatepdr in the FAR-ID Handler component,...

PT-2025-52483

Name of the Vulnerable Software and Affected Versions Open5GS versions up to 2.7.5 Description A flaw exists in Open5GS impacting the ogs pfcp handle create pdr function within the lib/pfcp/handler.c library of the FAR-ID Handler component. This can lead to a null pointer dereference, potentially...

PT-2025-52484

Name of the Vulnerable Software and Affected Versions Open5GS versions up to 2.7.5 Description A flaw exists in Open5GS related to assertions within the ogs pfcp pdr find or add, ogs pfcp far find or add, ogs pfcp urr find or add, and ogs pfcp qer find or add functions located in the...

CVE-2025-65559

An issue was discovered in Open5GS 2.7.5-49-g465e90f, when processing a PFCP Session Establishment Request type=50, the UPF crashes with a reachable assertion in lib/pfcp/context.c ogspfcpobjectteidhashset if the CreatePDR?PDI?F-TEID has CH=1 and the F-TEID address-family flags IPv4/IPv6 do not...

CVE-2025-65559

An issue was discovered in Open5GS 2.7.5-49-g465e90f, when processing a PFCP Session Establishment Request type=50, the UPF crashes with a reachable assertion in lib/pfcp/context.c ogspfcpobjectteidhashset if the CreatePDR?PDI?F-TEID has CH=1 and the F-TEID address-family flags IPv4/IPv6 do not...

CVE-2025-65559

An issue was discovered in Open5GS 2.7.5-49-g465e90f, when processing a PFCP Session Establishment Request type=50, the UPF crashes with a reachable assertion in lib/pfcp/context.c ogspfcpobjectteidhashset if the CreatePDR?PDI?F-TEID has CH=1 and the F-TEID address-family flags IPv4/IPv6 do not...

CVE-2025-65559

An issue was discovered in Open5GS 2.7.5-49-g465e90f, when processing a PFCP Session Establishment Request type=50, the UPF crashes with a reachable assertion in lib/pfcp/context.c ogspfcpobjectteidhashset if the CreatePDR?PDI?F-TEID has CH=1 and the F-TEID address-family flags IPv4/IPv6 do not...

Open5GS 安全漏洞

Open5GS is an Open5GS open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS version 2.7.5-49-g465e90f, which originates from the processing of a PFCP session establishment request triggered by an up to assertion, whi...

PT-2025-52283

Name of the Vulnerable Software and Affected Versions Open5GS version 2.7.5-49-g465e90f Description A flaw exists in Open5GS where a malformed PFCP Session Establishment Request can cause the UPF to crash. Specifically, when processing a request type=50 and the CreatePDR?PDI?F-TEID has CH=1, a...

CVE-2025-65559

CVE-2025-65559 – Open5GS vulnerability affecting Open5GS 2.7.5-49-g465e90f. Processing a PFCP Session Establishment Request (type=50) can trigger a reachable assertion in lib/pfcp/context.c (ogs_pfcp_object_teid_hash_set) when CreatePDR?PDI?F-TEID has CH=1 and the F-TEID address-family flags (IPv...

Slice-Aware Spoofing Detection in 5G Networks Using Lightweight Machine Learning

The increasing virtualization of fifth generation 5G networks expands the attack surface of the user plane, making spoofing a persistent threat to slice integrity and service reliability. This study presents a slice-aware lightweight machine-learning framework for detecting spoofing attacks withi...

CVE-2025-63288

In Open5GS 2.7.6, AMF crashes when receiving an abnormal NGSetupRequest message, resulting in denial of service...

EUVD-2025-50810

In Open5GS 2.7.6, AMF crashes when receiving an abnormal NGSetupRequest message, resulting in denial of service...

CVE-2025-63288

In Open5GS 2.7.6, AMF crashes when receiving an abnormal NGSetupRequest message, resulting in denial of service...