CVE-2023-37027

Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP E-RAB Modification Indication packet missing an expected eNBUES1APID field...

CVE-2024-24421

A type confusion in the nasmessagedecode function of Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows attackers to execute arbitrary code or cause a Denial of Service DoS via a crafted NAS packet...

CVE-2023-37028

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP E-RAB Modification Indication packet missing an expected eNBUES1APID field...

CVE-2023-37035

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP S1Setup Request packet missing an expected Global eNB ID field...

CVE-2023-37027

Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP E-RAB Modification Indication packet missing an expected eNBUES1APID field...

CVE-2023-37032

A Stack-based buffer overflow in the Mobile Management Entity MME of Magma versions = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows remote attackers to crash the MME with an unauthenticated cellphone by sending a NAS packet containing an oversized Emergency Number Lis...

CVE-2023-37024

A reachable assertion in the Mobile Management Entity MME of Magma versions = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows remote attackers to crash the MME with an unauthenticated cellphone by sending a NAS packet containing an Emergency Number List Information...

Magma 代码问题漏洞

Magma is an open source software platform from Magma Open Source. It provides network operators with an open, flexible and scalable mobile core network solution. A code issue vulnerability exists in Magma version 1.8.0 that stems from a null pointer reference vulnerability contained in the Mobile...

CVE-2023-37024

A reachable assertion in the Mobile Management Entity MME of Magma versions = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows remote attackers to crash the MME with an unauthenticated cellphone by sending a NAS packet containing an Emergency Number List Information...

CVE-2023-37038

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP Uplink NAS Transport packet missing an expected MMEUES1APID field...

CVE-2023-37036

The CVE-2023-37036 issue affects Magma’s Mobile Management Entity (MME) in versions up to 1.8.0 and is resolved in the 1.9 branch (commit 08472ba98b8321f802e95f5622fa90fec2dea486). It is a null pointer dereference caused by an S1AP Uplink NAS Transport packet that omits the expected ENB_UE_S1AP_I...

CVE-2023-37033

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP Initial UE Message packet missing an expected EUTRANCGI field...

CVE-2023-37030

CVE-2023-37030 : A null pointer dereference in the Mobile Management Entity (MME) of Magma

CVE-2023-37036

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP Uplink NAS Transport packet missing an expected ENBUES1APID field...

Magma 代码问题漏洞

Magma is an open source software platform from Magma Open Source. It provides network operators with an open, flexible and scalable mobile core network solution. A code issue vulnerability exists in Magma version 1.8.0 that stems from a null pointer reference vulnerability contained in the Mobile...

CVE-2023-37030

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP Initial UE Message packet missing an expected eNBUES1APID field...

CVE-2023-37034

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP Initial UE Message packet missing an expected TAI field...