NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the PFCP SessionReportRequest process when ReportType.DLDR is set but the DownlinkDataReport information element is missing. An attacker can cause the process to terminate unexpectedly by sending a specially...

Expected Behavior Violation

Overview Affected versions of this package are vulnerable to Expected Behavior Violation via the PFCP Association Setup Request process. An attacker can cause service disruption and trigger reconnection loops by sending a malformed request that is incorrectly accepted, resulting in an inconsisten...

CVE-2026-1682

A flaw has been found in Free5GC SMF up to 4.1.0. Affected is the function HandlePfcpAssociationReleaseRequest of the file internal/pfcp/handler/handler.go of the component PFCP UDP Endpoint. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The...

CVE-2025-65566

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Session Report Response that is missing the mandatory Cause Information Element, the session report handler dereferences a nil pointer instead ...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the session report handler process when handling a PFCP Session Report Response that lacks the mandatory Cause Information Element. An attacker can cause the process to panic and terminate by sending speciall...

PT-2025-52287

Name of the Vulnerable Software and Affected Versions omec-project UPF versions up to 2.1.3-dev Description A denial-of-service issue exists in the UPF component upf-epc/pfcpiface. When the UPF receives a PFCP Association Setup Request lacking the mandatory NodeID Information Element, the...

CVE-2025-65566

The CVE-2025-65566 affects omec-project UPF pfcpiface:2.1.3-dev. The session report handler dereferences a nil pointer when processing a PFCP Session Report Response that lacks the mandatory Cause Information Element, causing a panic and UPF process termination. An attacker who can send PFCP Sess...

CVE-2025-65566

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Session Report Response that is missing the mandatory Cause Information Element, the session report handler dereferences a nil pointer instead ...

UPF 安全漏洞

UPF is an open source user interface from the Aether SD-Core Project. A security vulnerability exists in UPF upf-epc-pfcpiface:version 2.1.3-dev, which originates from dereferencing a null pointer when processing a PFCP session report response that lacks a cause information element, which could...