5 matches found
CVE-2025-44951
A missing length check in ogspfcpdevadd function from PFCP library, used by both smf and upf in open5gs 2.7.2 and earlier, allows a local attacker to cause a Buffer Overflow by changing the session.dev field with a value with length greater than 32...
CVE-2025-44951
A missing length check in ogspfcpdevadd function from PFCP library, used by both smf and upf in open5gs 2.7.2 and earlier, allows a local attacker to cause a Buffer Overflow by changing the session.dev field with a value with length greater than 32...
CVE-2025-44951
A missing length check in ogspfcpdevadd function from PFCP library, used by both smf and upf in open5gs 2.7.2 and earlier, allows a local attacker to cause a Buffer Overflow by changing the session.dev field with a value with length greater than 32...
CVE-2025-44951
A missing length check in ogspfcpdevadd function from PFCP library, used by both smf and upf in open5gs 2.7.2 and earlier, allows a local attacker to cause a Buffer Overflow by changing the session.dev field with a value with length greater than 32...
CVE-2025-44951
CVE-2025-44951 describes a missing length check in the PFCP library function ogs_pfcp_dev_add used by Open5GS SMF/UPF (versions 2.7.2 and earlier). The flaw allows a local attacker to trigger a Buffer Overflow by supplying a value longer than 32 for session.dev, potentially enabling arbitrary beh...