Open5GS has an unspecified vulnerability (CNVD-2025-03190)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Response" message that...

Open5GS Denial of Service Vulnerability (CNVD-2025-03200)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Failed" message that lac...

Changing the tide: Reflections on threat data from 2024

"Enough Ripples, And You Change The Tide. For The Future Is Never Truly Set." X-Men: Days of Future Past In January, I dedicated some time to examine threat data from 2024, comparing it with the previous years to identify anomalies, spikes, and changes. As anticipated, the number of Common...

PT-2025-3347 · Open5Gs · Open5Gs

Name of the Vulnerable Software and Affected Versions: Open5gs version 2.7.2 Description: A problem was discovered in Open5gs where the InitialUEMessage, a registration request sent at a specific time, can cause AMF to crash due to incorrect error handling of the gmm state exception function when...

CVE-2024-10604

Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances...

Fuchsia 安全漏洞

Fuchsia is an open source general purpose operating system. Fuchsia suffers from a security vulnerability that stems from a network protocol header field generation algorithm that could lead to TCP ISN, TCP timestamps, TCP/UDP source ports, and IPv4/IPv6 segment IDs being guessed...

PT-2025-1599 · Google · Fuchsia

Name of the Vulnerable Software and Affected Versions: Fuchsia affected versions not specified Description: The issue concerns vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields. Specifically, the vulnerabilities affect the TCP Initial Sequence Number ISN...

SUSE CVE-2024-57947

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map search step, the result a...

CVE-2024-57947

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map search step, the result a...

DEBIAN-CVE-2024-57947

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map search step, the result a...

UBUNTU-CVE-2024-57947

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map search step, the result a...

CVE-2024-57947

The CVE-2024-57947 issue in the Linux kernel concerns netfilter nf_set_pipapo: the initial map fill must initialize the buffer to all-ones only up to the size of the first field. If the first element’s bsize is smaller than m->bsize_max, one-bits leak into later rounds, causing nf_set_pipapo t...

CVE-2024-57947 netfilter: nf_set_pipapo: fix initial map fill

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map search step, the result a...

CVE-2024-34235

Open5GS MME versions = 2.6.4 contains an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an Initial UE Message missing a required NASPDU field to repeatedly crash the MME, resulting in denial of service...

CVE-2023-37005

Open5GS MME versions = 2.6.4 contain an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an Initial Context Setup Failure message missing a required MMEUES1APID field to repeatedly crash the MME, resulting in denial of service...

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Failed" message that lac...

PT-2025-2417 · Open5Gs · Open5Gs Mme

Name of the Vulnerable Software and Affected Versions: Open5GS MME versions prior to 2.6.4 Description: The issue allows an attacker to send a malformed ASN.1 packet over the S1AP interface, triggering an assertion that can cause the MME to crash repeatedly, resulting in denial of service. This c...

PT-2025-1397 · Open5Gs · Open5Gs Mme

Name of the Vulnerable Software and Affected Versions: Open5GS MME versions = 2.6.4 Description: The issue is related to an assertion that can be remotely triggered via a malformed ASN.1 packet over the S1AP interface. An attacker may send an Initial Context Setup Failure message missing a requir...

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who would send an initial UE message'' message that lacks th...

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends an "Initial Context Setup Response" message that...