14 matches found
CVE-2024-24445
OpenAirInterface CN5G AMF oai-cn5g-amf = 2.0.0 contains a null dereference in its handling of unsupported NGAP protocol messages which allows an attacker with network-adjacent access to the AMF to carry out denial of service. When a procedure code/presence field tuple is received that is...
CVE-2024-24442
A NULL pointer dereference in the ngapapp::handlereceive routine of OpenAirInterface CN5G AMF oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service DoS via a crafted NGAP message...
CVE-2024-24449
An uninitialized pointer dereference in the NasPdu::NasPdu component of OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service DoS via a crafted InitialUEMessage message sent to the AMF...
CVE-2024-24446
An uninitialized pointer dereference in OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service DoS via a crafted InitialContextSetupResponse message sent to the AMF...
CVE-2024-24445
OpenAirInterface CN5G AMF oai-cn5g-amf = 2.0.0 contains a null dereference in its handling of unsupported NGAP protocol messages which allows an attacker with network-adjacent access to the AMF to carry out denial of service. When a procedure code/presence field tuple is received that is...
CVE-2024-24442
A NULL pointer dereference in the ngapapp::handlereceive routine of OpenAirInterface CN5G AMF oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service DoS via a crafted NGAP message...
CVE-2024-24442
A NULL pointer dereference in the ngapapp::handlereceive routine of OpenAirInterface CN5G AMF oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service DoS via a crafted NGAP message...
CVE-2024-24445
OpenAirInterface CN5G AMF (oai-cn5g-amf)
CVE-2024-24443
CVE-2024-24443 concerns OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0, where an uninitialized pointer dereference in the ngap_handle_pdu_session_resource_setup_response routine can allow an attacker to cause a Denial of Service via a crafted PDU Session Resource Setup Response. This vulne...
CVE-2024-24451
OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 is affected by a stack overflow in the sctp_server::sctp_receiver_thread. This vulnerability can allow a DoS by repeatedly establishing SCTP connections to the N2 interface. Concretely, the issue is described across multiple sources (Red Hat a...
CVE-2024-24450
Stack-based memcpy buffer overflow in the ngaphandlepdusessionresourcesetupresponse routine in OpenAirInterface CN5G AMF = 2.0.0 allows a remote attacker with access to the N2 interface to carry out denial of service against the AMF and potentially execute code by sending a PDU Session Resource...
CVE-2024-24449
An uninitialized pointer dereference in the NasPdu::NasPdu component of OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service DoS via a crafted InitialUEMessage message sent to the AMF...
CVE-2024-24446
CVE-2024-24446 affects OpenAirInterface CN5G AMF up to version 2.0.0. The vulnerability is an uninitialized pointer dereference in the AMF that can be triggered by a crafted InitialContextSetupResponse, leading to a Denial of Service (DoS). Public sources in connected documents confirm the issue ...
CVE-2024-24447
CVE-2024-24447 describes a buffer overflow in the ngap_amf_handle_pdu_session_resource_setup_response function of oai-cn5g-amf up to v2.0.0, enabling a Denial of Service via a PDU Session Resource Setup Response with an empty Response Item list. Affected software: oai-cn5g-amf