3 matches found
CVE-2026-44474 Ella Core: Handover failures during concurrent Security Mode Command
Ella Core is a 5G core designed for private networks. Prior to 1.10.0, Ella Core didn't enforce security rules on concurrent running of security procedures defined in TS 33.501 §6.9.5.1 — it could send a NAS Security Mode Command while an N2 handover was still pending and vice versa. Concurrent...
CVE-2026-44474
Ella Core (5G private-net Core) is affected prior to version 1.10.0 by a race in security procedures: it did not enforce TS 33.501 §6.9.5.1 when Security Mode Command and N2 handover run concurrently. This can cause a KgNB mismatch between the UE and target gNB, leading to handover failure. The i...
Ella Core has handover failures during concurrent Security Mode Command
Summary Ella Core didn't enforce security rules on concurrent running of security procedures defined in TS 33.501 §6.9.5.1 — it could send a NAS Security Mode Command while an N2 handover was still pending and vice versa. Impact Concurrent Security Mode Command and N2 handover produce a KgNB...