3 matches found
free5GC's SMF UPI POST /upi/v1/upNodesLinks exits the SMF process on overlapping UE pools (unauthenticated, reachable Fatalf)
Summary free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware same root cause as free5gc/free5gc887. The POST /upi/v1/upNodesLinks create-or-update handler accepts attacker-controlled JSON and passes it directly into UpNodesFromConfiguration, which calls...
GHSA-44QJ-CGHF-9P97 free5GC's SMF UPI POST /upi/v1/upNodesLinks exits the SMF process on overlapping UE pools (unauthenticated, reachable Fatalf)
Summary free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware same root cause as free5gc/free5gc887. The POST /upi/v1/upNodesLinks create-or-update handler accepts attacker-controlled JSON and passes it directly into UpNodesFromConfiguration, which calls...
CLSA-2026-1768224570 Fix CVE(s): CVE-2025-1153
SECURITY UPDATE: einfo calls with %F specifier do not always exit - debian/patches/CVE-2025-1153.patch: introduce fatal function that always exits, replacing einfo calls with %F specifier to prevent program continuation after fatal errors - CVE-2025-1153...