CVE-2026-42082 free5GC: Missing Concurrent NAS SMC Validation During NGAP Handover

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not enforce the concurrent security procedure rules defined in 3GPP TS 33.501 §6.9.5.1. The AMF does not check for ongoing N2 handover procedures before initiating a NAS Security Mode Command,...

Free5GC AMF has Missing Concurrent NAS SMC Validation During NGAP Handover

Summary The AMF in Free5GC v4.2.1 does not enforce the concurrent security procedure rules defined in 3GPP TS 33.501 §6.9.5.1. The AMF does not check for ongoing N2 handover procedures before initiating a NAS Security Mode Command, and vice versa. This can lead to mismatches between NAS and AS...

EUVD-2022-47362

Malicious code in bioql PyPI...

CVE-2022-44419

In modem, there is a possible missing verification of NAS Security Mode Command Replay Attacks in LTE. This could local denial of service with no additional execution privileges...

CVE-2022-44419

In modem, there is a possible missing verification of NAS Security Mode Command Replay Attacks in LTE. This could local denial of service with no additional execution privileges...

CVE-2022-44419

CVE-2022-44419 affects the modem’s NAS security mode handling, where missing verification of NAS Security Mode Command Replay Attacks in LTE allows a local attacker to cause denial of service without extra privileges. The issue is described across multiple sources as a local impact with a high av...

CVE-2022-44419

In modem, there is a possible missing verification of NAS Security Mode Command Replay Attacks in LTE. This could local denial of service with no additional execution privileges...