CVE-2026-34761 Ella Core Panics Upon NGAP handover failure

Ella Core is a 5G core designed for private networks. Prior to version 1.8.0, Ella Core panics when processing a NGAP handover failure message. An attacker able to cause a gNodeB to send NGAP handover failure messages to Ella Core can crash the process, causing service disruption for all connecte...

CVE-2024-37877

UERANSIM before 3.2.6 allows out-of-bounds read when a RLS packet is sent to gNodeB with malformed PDU length. This occurs in function readOctetString in src/utils/octetview.cpp and in function DecodeRlsMessage in src/lib/rls/rlspdu.cpp...

CVE-2024-37877

UERANSIM before 3.2.6 allows out-of-bounds read when a RLS packet is sent to gNodeB with malformed PDU length. This occurs in function readOctetString in src/utils/octetview.cpp and in function DecodeRlsMessage in src/lib/rls/rlspdu.cpp...

CVE-2024-37877

UERANSIM before 3.2.6 allows out-of-bounds read when a RLS packet is sent to gNodeB with malformed PDU length. This occurs in function readOctetString in src/utils/octetview.cpp and in function DecodeRlsMessage in src/lib/rls/rlspdu.cpp...

CVE-2022-39901

Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB...

PT-2022-25094 · Samsung · Exynos Baseband

Name of the Vulnerable Software and Affected Versions: Exynos baseband versions prior to SMR DEC-2022 Release 1 Description: The issue is related to improper authentication in the Exynos baseband, which allows a remote attacker to disable network traffic encryption between the User Equipment UE a...