Lucene search
K

174 matches found

snyk
snyk
added 2026/02/06 2:47 a.m.3 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the establishPfcpSession function. An attacker can cause a denial of service by sending specially crafted requests that trigger a null pointer dereference in the SMF component. Remediation Upgrade...

7.5CVSS6.1AI score0.00526EPSS
Exploits1References2
attackerkb
attackerkb
added 2026/02/06 2:32 a.m.4 views

CVE-2026-1975

A security flaw has been discovered in Free5GC up to 4.1.0. This impacts the function identityTriggerType of the file pfcpreports.go. The manipulation results in null pointer dereference. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks...

6.9CVSS5.5AI score0.00526EPSS
Exploits1References7
vulnrichment
vulnrichment
added 2026/02/06 2:32 a.m.4 views

CVE-2026-1975 Free5GC pfcp_reports.go identityTriggerType null pointer dereference

A security flaw has been discovered in Free5GC up to 4.1.0. This impacts the function identityTriggerType of the file pfcpreports.go. The manipulation results in null pointer dereference. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks...

6.9CVSS5.1AI score0.00526EPSS
Exploits1References7
cve
cve
added 2026/02/06 2:32 a.m.12 views

CVE-2026-1975

Free5GC is affected up to version 4.1.0 by a vulnerability in the identityTriggerType function in pfcp_reports.go, causing a null pointer dereference and allowing remote exploitation. PT-2026-6668 confirms the flaw, lists affected versions prior to 4.1.1, and notes that the exploit has been publi...

7.5CVSS5.5AI score0.00526EPSS
Exploits1References7Affected Software1
nvd
nvd
added 2026/02/06 2:16 a.m.8 views

CVE-2026-1973

A vulnerability was determined in Free5GC up to 4.1.0. The impacted element is the function establishPfcpSession of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. I...

7.5CVSS0.00526EPSS
Exploits1References7
ptsecurity
ptsecurity
added 2026/02/06 12:0 a.m.5 views

PT-2026-6668

Name of the Vulnerable Software and Affected Versions Free5GC versions prior to 4.1.1 Description A security flaw exists in Free5GC up to version 4.1.0. The issue resides in the identityTriggerType function within the pfcp reports.go file, leading to a null pointer dereference. This can be...

6.9CVSS5.2AI score0.00526EPSS
Exploits1References12
redhatcve
redhatcve
added 2026/01/31 3:21 p.m.9 views

CVE-2026-1683

A vulnerability has been found in Free5GC SMF up to 4.1.0. Affected by this vulnerability is the function HandlePfcpSessionReportRequest of the file internal/pfcp/handler/handler.go of the component PFCP. The manipulation leads to denial of service. Remote exploitation of the attack is possible...

7.5CVSS5.4AI score0.00639EPSS
Exploits1References1
euvd
euvd
added 2026/01/30 2:32 p.m.8 views

EUVD-2026-5028

A vulnerability was found in Free5GC SMF up to 4.1.0. Affected by this issue is the function HandleReports of the file /internal/context/pfcpreports.go of the component PFCP UDP Endpoint. The manipulation results in denial of service. The attack can be executed remotely. It is advisable to...

6.9CVSS5.5AI score0.00504EPSS
Exploits1References6
osv
osv
added 2026/01/30 2:32 p.m.6 views

CVE-2026-1684 Free5GC SMF PFCP UDP Endpoint pfcp_reports.go HandleReports denial of service

A vulnerability was found in Free5GC SMF up to 4.1.0. Affected by this issue is the function HandleReports of the file /internal/context/pfcpreports.go of the component PFCP UDP Endpoint. The manipulation results in denial of service. The attack can be executed remotely. It is advisable to...

6.9CVSS5.7AI score0.00504EPSS
Exploits1References9
attackerkb
attackerkb
added 2026/01/30 2:32 p.m.3 views

CVE-2026-1684

A vulnerability was found in Free5GC SMF up to 4.1.0. Affected by this issue is the function HandleReports of the file /internal/context/pfcpreports.go of the component PFCP UDP Endpoint. The manipulation results in denial of service. The attack can be executed remotely. It is advisable to...

6.9CVSS5.5AI score0.00504EPSS
Exploits1References7Affected Software1
nvd
nvd
added 2026/01/30 2:16 p.m.8 views

CVE-2026-1682

A flaw has been found in Free5GC SMF up to 4.1.0. Affected is the function HandlePfcpAssociationReleaseRequest of the file internal/pfcp/handler/handler.go of the component PFCP UDP Endpoint. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The...

7.5CVSS0.00667EPSS
Exploits1References8
osv
osv
added 2026/01/30 2:2 p.m.8 views

CVE-2026-1683 Free5GC SMF PFCP handler.go HandlePfcpSessionReportRequest denial of service

A vulnerability has been found in Free5GC SMF up to 4.1.0. Affected by this vulnerability is the function HandlePfcpSessionReportRequest of the file internal/pfcp/handler/handler.go of the component PFCP. The manipulation leads to denial of service. Remote exploitation of the attack is possible...

6.9CVSS5.4AI score0.00639EPSS
Exploits1References10
attackerkb
attackerkb
added 2026/01/30 2:2 p.m.4 views

CVE-2026-1683

A vulnerability has been found in Free5GC SMF up to 4.1.0. Affected by this vulnerability is the function HandlePfcpSessionReportRequest of the file internal/pfcp/handler/handler.go of the component PFCP. The manipulation leads to denial of service. Remote exploitation of the attack is possible...

6.9CVSS5.2AI score0.00639EPSS
Exploits1References7Affected Software1
vulnrichment
vulnrichment
added 2026/01/30 2:2 p.m.6 views

CVE-2026-1682 Free5GC SMF PFCP UDP Endpoint handler.go HandlePfcpAssociationReleaseRequest null pointer dereference

A flaw has been found in Free5GC SMF up to 4.1.0. Affected is the function HandlePfcpAssociationReleaseRequest of the file internal/pfcp/handler/handler.go of the component PFCP UDP Endpoint. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The...

6.9CVSS5.6AI score0.00667EPSS
Exploits1References8
attackerkb
attackerkb
added 2026/01/30 2:2 p.m.8 views

CVE-2026-1682

A flaw has been found in Free5GC SMF up to 4.1.0. Affected is the function HandlePfcpAssociationReleaseRequest of the file internal/pfcp/handler/handler.go of the component PFCP UDP Endpoint. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The...

6.9CVSS5.5AI score0.00667EPSS
Exploits1References7Affected Software1
cnnvd
cnnvd
added 2026/01/30 12:0 a.m.7 views

Free5GC code-related vulnerabilities

Free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of Free5GC 4.1.0 and earlier contain code vulnerabilities. These vulnerabilities stem from a null pointer dereferencing in the HandlePfcpAssociationReleaseRequest function within the PFCP UDP Endpoint...

7.5CVSS6.2AI score0.00667EPSS
Exploits1References8
ptsecurity
ptsecurity
added 2026/01/30 12:0 a.m.7 views

PT-2026-5399

Name of the Vulnerable Software and Affected Versions Free5GC SMF versions prior to 4.1.1 Description A flaw exists in Free5GC SMF, specifically within the PFCP UDP Endpoint component. The issue resides in the HandlePfcpAssociationReleaseRequest function located in the file...

7.5CVSS5.4AI score0.00667EPSS
Exploits1References15
redhatcve
redhatcve
added 2025/12/30 7:7 a.m.7 views

CVE-2025-15176

A flaw has been found in Open5GS up to 2.7.5. This affects the function decodeipv6header/ogspfcppdrrulefindbypacket of the file lib/pfcp/rule-match.c of the component PFCP Session Establishment Request Handler. Executing a manipulation can lead to reachable assertion. It is possible to launch the...

7.5CVSS5.3AI score0.00531EPSS
Exploits1References1
osv
osv
added 2025/12/29 6:32 a.m.3 views

CVE-2025-15176 Open5GS PFCP Session Establishment Request rule-match.c ogs_pfcp_pdr_rule_find_by_packet assertion

A flaw has been found in Open5GS up to 2.7.5. This affects the function decodeipv6header/ogspfcppdrrulefindbypacket of the file lib/pfcp/rule-match.c of the component PFCP Session Establishment Request Handler. Executing a manipulation can lead to reachable assertion. It is possible to launch the...

6.9CVSS5.6AI score0.00531EPSS
Exploits1References10
cvelist
cvelist
added 2025/12/29 6:32 a.m.29 views

CVE-2025-15176 Open5GS PFCP Session Establishment Request rule-match.c ogs_pfcp_pdr_rule_find_by_packet assertion

A flaw has been found in Open5GS up to 2.7.5. This affects the function decodeipv6header/ogspfcppdrrulefindbypacket of the file lib/pfcp/rule-match.c of the component PFCP Session Establishment Request Handler. Executing a manipulation can lead to reachable assertion. It is possible to launch the...

6.9CVSS0.00531EPSS
Exploits1References8
Rows per page
Query Builder