Lucene search
+L

87 matches found

Vulnrichment
Vulnrichment
added 2026/02/13 12:0 a.m.5 views

CVE-2025-70122

A heap buffer overflow vulnerability in the UPF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted PFCP Session Modification Request. The issue occurs in the SDFFilterFields.UnmarshalBinary function sdf-filter.go when processing a declared length that...

5.9AI score0.0034EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/02/13 12:0 a.m.31 views

CVE-2025-70122

A heap buffer overflow vulnerability in the UPF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted PFCP Session Modification Request. The issue occurs in the SDFFilterFields.UnmarshalBinary function sdf-filter.go when processing a declared length that...

0.0034EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/02/13 12:0 a.m.7 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Version 4.0.1 of free5GC contains a security vulnerability caused by a heap buffer overflow in the UPF component. This vulnerability could allow remote attackers to exploit it through a specially crafted PFCP Session...

7.5CVSS6AI score0.0034EPSS
Exploits1References1
OSV
OSV
added 2026/02/13 12:0 a.m.6 views

CVE-2025-70122

A heap buffer overflow vulnerability in the UPF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted PFCP Session Modification Request. The issue occurs in the SDFFilterFields.UnmarshalBinary function sdf-filter.go when processing a declared length that...

7.5CVSS5.9AI score0.0034EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/12/29 10:55 p.m.5 views

CVE-2025-15156

A flaw has been found in omec-project UPF up to 2.1.3-dev. This affects the function handleSessionEstablishmentRequest of the file /pfcpiface/pfcpiface/messagessession.go of the component PFCP Session Establishment Request Handler. This manipulation causes null pointer dereference. The attack may...

5.3CVSS6.6AI score0.00271EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/28 10:2 p.m.28 views

CVE-2025-15156 omec-project UPF PFCP Session Establishment Request messages_session.go handleSessionEstablishmentRequest null pointer dereference

A flaw has been found in omec-project UPF up to 2.1.3-dev. This affects the function handleSessionEstablishmentRequest of the file /pfcpiface/pfcpiface/messagessession.go of the component PFCP Session Establishment Request Handler. This manipulation causes null pointer dereference. The attack may...

5.3CVSS0.00271EPSS
Exploits0References4
CVE
CVE
added 2025/12/28 10:2 p.m.25 views

CVE-2025-15156

CVE-2025-15156 affects omec-project UPF up to 2.1.3-dev. The PFCP Session Establishment Request Handler’s handleSessionEstablishmentRequest permits a null pointer dereference; the issue can be triggered remotely. Exploit is published; multiple sources note a lack of a fixed version for the patche...

5.3CVSS6.4AI score0.00271EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/19 12:41 a.m.13 views

CVE-2025-65568

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated IPv4 address field is not properly validated. During...

7.5CVSS7AI score0.0036EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/19 12:41 a.m.7 views

CVE-2025-65559

An issue was discovered in Open5GS 2.7.5-49-g465e90f, when processing a PFCP Session Establishment Request type=50, the UPF crashes with a reachable assertion in lib/pfcp/context.c ogspfcpobjectteidhashset if the CreatePDR?PDI?F-TEID has CH=1 and the F-TEID address-family flags IPv4/IPv6 do not...

7.5CVSS6.9AI score0.00373EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/19 12:41 a.m.9 views

CVE-2025-65564

A denial-of-service vulnerability exists in the omec-upf upf-epc-pfcpiface in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory Recovery Time Stamp Information Element, the association setup handler dereferences a nil pointer...

7.5CVSS6.8AI score0.00374EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/19 12:41 a.m.10 views

CVE-2025-65562

The free5GC UPF suffers from a lack of bounds checking on the SEID when processing PFCP Session Deletion Requests. An unauthenticated remote attacker can send a request with a very large SEID e.g., 0xFFFFFFFFFFFFFFFF that causes an integer conversion/underflow in LocalNode.DeleteSess /...

7.5CVSS7.1AI score0.00509EPSS
Exploits1References1
Snyk
Snyk
added 2025/12/18 7:46 p.m.4 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the association setup handler process. An attacker can cause the service to crash and disrupt user-plane services by sending a PFCP Association Setup Request that omits the mandatory Recovery Time Stamp...

8.7CVSS5.6AI score0.00374EPSS
Exploits1References2
NVD
NVD
added 2025/12/18 7:16 p.m.6 views

CVE-2025-65568

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated IPv4 address field is not properly validated. During...

7.5CVSS0.0036EPSS
Exploits1References1
OSV
OSV
added 2025/12/18 7:16 p.m.3 views

CVE-2025-65565

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Request that is missing the mandatory F-SEID CPF-SEID Information Element is not properly validated. The...

7.5CVSS5.8AI score0.0036EPSS
Exploits1References1
OSV
OSV
added 2025/12/18 7:16 p.m.5 views

CVE-2025-65567

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a specially crafted PFCP Session Establishment Request with a CreatePDR that contains a malformed Flow-Description is not robustly validated. The...

7.5CVSS5.8AI score0.0036EPSS
Exploits1References1
OSV
OSV
added 2025/12/18 7:16 p.m.8 views

CVE-2025-65568

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated IPv4 address field is not properly validated. During...

7.5CVSS6AI score0.0036EPSS
Exploits1References3
NVD
NVD
added 2025/12/18 7:16 p.m.7 views

CVE-2025-65563

A denial-of-service vulnerability exists in the omec-project UPF component upf-epc/pfcpiface up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory NodeID Information Element, the association setup handler...

7.5CVSS0.00384EPSS
Exploits1References2
NVD
NVD
added 2025/12/18 7:16 p.m.37 views

CVE-2025-65559

An issue was discovered in Open5GS 2.7.5-49-g465e90f, when processing a PFCP Session Establishment Request type=50, the UPF crashes with a reachable assertion in lib/pfcp/context.c ogspfcpobjectteidhashset if the CreatePDR?PDI?F-TEID has CH=1 and the F-TEID address-family flags IPv4/IPv6 do not...

7.5CVSS0.00373EPSS
Exploits1References1
NVD
NVD
added 2025/12/18 7:16 p.m.12 views

CVE-2025-65564

A denial-of-service vulnerability exists in the omec-upf upf-epc-pfcpiface in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory Recovery Time Stamp Information Element, the association setup handler dereferences a nil pointer...

7.5CVSS0.00374EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/18 12:0 a.m.3 views

CVE-2025-65568

A denial-of-service vulnerability exists in the omec-project UPF pfcpiface component in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated IPv4 address field is not properly validated. During...

6.7AI score0.0036EPSS
Exploits1References1
Rows per page
Query Builder