27 matches found
Improper Resource Shutdown or Release
Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release in the NGSetupRequest process. An attacker can cause the service to become unavailable by sending specially crafted requests remotely. Remediation Upgrade github.com/omec-project/amf/metrics to...
Improper Resource Shutdown or Release
Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release in the NGSetupRequest process. An attacker can cause the service to become unavailable by sending specially crafted requests remotely. Remediation Upgrade github.com/omec-project/amf/nas/nassecurity...
CVE-2026-14624
CVE-2026-14624 affects omec-project amf up to version 2.0.2/2.1.1. The issue is in an unknown function within file /go/src/amf/ngap/handler.go of the NGSetupRequest Handler, where manipulation leads to denial of service . It can be triggered remotely, and a public exploit is noted. A patch is ava...
CVE-2026-14624 omec-project amf NGSetupRequest handler.go denial of service
A vulnerability was identified in omec-project amf up to 2.0.2/2.1.1. Impacted is an unknown function of the file /go/src/amf/ngap/handler.go of the component NGSetupRequest Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit is public...
CVE-2026-14624 omec-project amf NGSetupRequest handler.go denial of service
A vulnerability was identified in omec-project amf up to 2.0.2/2.1.1. Impacted is an unknown function of the file /go/src/amf/ngap/handler.go of the component NGSetupRequest Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit is public...
CVE-2026-8779
A vulnerability was determined in omec-project amf up to 2.1.3-dev. Impacted is the function NGSetupRequest of the file ngap/handler.go. Executing a manipulation of the argument InformationElement can lead to memory corruption. The attack can be launched remotely. The exploit has been publicly...
GHSA-6P7M-C3MW-4GMW omec-project amf Vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer
A vulnerability has been found in omec-project amf up to 2.1.1. This affects an unknown part of the component NGSetupRequest Handler. Such manipulation leads to memory corruption. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. It is best practic...
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow in the NGSetupRequest process. An attacker can cause memory corruption and potentially compromise confidentiality, integrity, and availability by sending specially crafted requests remotely. Remediation Upgrade...
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow in the NGSetupRequest process. An attacker can cause memory corruption and potentially compromise confidentiality, integrity, and availability by sending specially crafted requests remotely. Remediation Upgrade...
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow in the NGSetupRequest process. An attacker can cause memory corruption and potentially compromise confidentiality, integrity, and availability by sending specially crafted requests remotely. Remediation Upgrade...
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow in the NGSetupRequest process. An attacker can cause memory corruption and potentially compromise confidentiality, integrity, and availability by sending specially crafted requests remotely. Remediation Upgrade...
CVE-2026-9300
A vulnerability has been found in omec-project amf up to 2.1.1. This affects an unknown part of the component NGSetupRequest Handler. Such manipulation leads to memory corruption. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. It is best practic...
CVE-2026-9300 omec-project amf NGSetupRequest memory corruption
A vulnerability has been found in omec-project amf up to 2.1.1. This affects an unknown part of the component NGSetupRequest Handler. Such manipulation leads to memory corruption. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. It is best practic...
CVE-2026-9300 omec-project amf NGSetupRequest memory corruption
A vulnerability has been found in omec-project amf up to 2.1.1. This affects an unknown part of the component NGSetupRequest Handler. Such manipulation leads to memory corruption. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. It is best practic...
amf 缓冲区错误漏洞
AMF is an open-source library under Apache License, developed by Free5GC. Versions of AMF prior to 2.1.1 contain a buffer error vulnerability, which stems from unknown parts of the NGSetupRequest Handler component, potentially leading to memory corruption...
PT-2026-42879
Name of the Vulnerable Software and Affected Versions omec-project amf versions prior to 2.1.2 Description A flaw in the NGSetupRequest Handler component allows for remote memory corruption, which occurs when memory is unintentionally modified, potentially leading to system instability or crashes...
Out-of-Bounds
Overview Affected versions of this package are vulnerable to Out-of-Bounds via the NGSetupRequest function in the ngap/handler.go file when processing the InformationElement argument. An attacker can cause memory corruption by sending specially crafted requests remotely. Remediation Upgrade...
Out-of-Bounds
Overview Affected versions of this package are vulnerable to Out-of-Bounds via the NGSetupRequest function in the ngap/handler.go file when processing the InformationElement argument. An attacker can cause memory corruption by sending specially crafted requests remotely. Remediation Upgrade...
Out-of-Bounds
Overview Affected versions of this package are vulnerable to Out-of-Bounds via the NGSetupRequest function in the ngap/handler.go file when processing the InformationElement argument. An attacker can cause memory corruption by sending specially crafted requests remotely. Remediation Upgrade...
GHSA-FXVJ-WQV2-XGCQ AMF Improperly Restricts Operations within the Bounds of a Memory Buffer
A vulnerability was determined in omec-project amf up to 2.1.3-dev. Impacted is the function NGSetupRequest of the file ngap/handler.go. Executing a manipulation of the argument InformationElement can lead to memory corruption. The attack can be launched remotely. The exploit has been publicly...