Lucene search
K
LinuxfoundationMagma

22 matches found

CVE
CVE
added 2025/01/21 12:0 a.m.87 views

CVE-2024-24421

CVE-2024-24421 describes a type confusion in Magma’s nas_message_decode function that affects Magma

9.8CVSS7.8AI score0.00928EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.82 views

CVE-2024-24420

CVE-2024-24420 affects Magma, where a reachable assertion in the decode_linked_ti_ie function within Magma

7.5CVSS6.4AI score0.00584EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.73 views

CVE-2023-37027

CVE-2023-37027 concerns Magma’s Mobile Management Entity (MME). A null pointer dereference in Magma ≤ 1.8.0 can crash the MME when processing an S1AP “E-RAB Modification Indication” packet that omits the expected eNB_UE_S1AP_ID field. This is fixed in Magma v1.9, commit 08472ba98b8321f802e95f5622...

6.5CVSS6.5AI score0.00373EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.72 views

CVE-2023-37028

CVE-2023-37028 describes a null pointer dereference in the Mobile Management Entity (MME) of Magma

6.5CVSS6.9AI score0.004EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.72 views

CVE-2024-24423

The CVE-2024-24423 entry describes a buffer overflow in the decode_esm_message_container function of Linux Foundation Magma

7.5CVSS7.6AI score0.00575EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.63 views

CVE-2024-24422

The CVE-2024-24422 vulnerability affects Linux Foundation Magma up to version 1.8.0 and was fixed in v1.9 (commit 08472ba98b8321f802e95f5622fa90fec2dea486). It is caused by a stack overflow in decode_protocol_configuration_options within /3gpp/3gpp_24.008_sm_ies.c, enabling a Denial of Service vi...

7.5CVSS7.5AI score0.00575EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.56 views

CVE-2024-24416

The CVE-2024-24416 entry concerns Linux Foundation Magma up to version 1.8.0, with fixes in v1.9 (commit 08472ba98b8321f802e95f5622fa90fec2dea486). A buffer overflow in decode_access_point_name_ie (file /3gpp/3gpp_24.008_sm_ies.c) is described, enabling a Denial of Service via a crafted NAS packe...

7.5CVSS7.3AI score0.00575EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.55 views

CVE-2023-37031

CVE-2023-37031 affects Magma’s Mobile Management Entity (MME)

6.5CVSS6.9AI score0.00373EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.55 views

CVE-2024-24418

The CVE-2024-24418 entry affects Linux Foundation Magma software up to version 1.8.0, with a fix in the v1.9 branch (commit 08472ba98b8321f802e95f5622fa90fec2dea486). The vulnerability is a buffer overflow in the decode_pdn_address function located at /nas/ies/PdnAddress.cpp, which can be trigger...

7.5CVSS7.6AI score0.00575EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.52 views

CVE-2024-24419

The Red Hat and associated feeds confirm a buffer overflow in Magma core: Linux Foundation Magma

7.5CVSS7.6AI score0.00575EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.49 views

CVE-2023-37033

Magma MME (Mobile Management Entity) vulnerable to a null pointer dereference in versions

6.5CVSS6.9AI score0.00373EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.49 views

CVE-2023-37036

The CVE-2023-37036 issue affects Magma’s Mobile Management Entity (MME) in versions up to 1.8.0 and is resolved in the 1.9 branch (commit 08472ba98b8321f802e95f5622fa90fec2dea486). It is a null pointer dereference caused by an S1AP Uplink NAS Transport packet that omits the expected ENB_UE_S1AP_I...

6.5CVSS6.9AI score0.00373EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.49 views

CVE-2023-37038

CVE-2023-37038 describes a null pointer dereference in Magma’s Mobile Management Entity (MME). The vulnerability affects Magma up to version 1.8.0 and allows network-adjacent attackers to crash the MME by sending an S1AP “Uplink NAS Transport” packet that omits the required MME_UE_S1AP_ID field. ...

6.5CVSS6.5AI score0.00373EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.48 views

CVE-2023-37025

Magma MME contains a null pointer dereference in versions <= 1.8.0 that allows network-adjacent attackers to crash the MME by sending an S1AP Reset packet missing an expected ResetType field. The issue is fixed in Magma v1.9 (commit 08472ba98b8321f802e95f5622fa90fec2dea486). Affected product: ...

6.5CVSS6.6AI score0.00373EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.48 views

CVE-2023-37030

CVE-2023-37030 : A null pointer dereference in the Mobile Management Entity (MME) of Magma

6.5CVSS6.9AI score0.00373EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.48 views

CVE-2024-24417

CVE-2024-24417 affects the Linux Foundation Magma open source platform, specifically versions

7.5CVSS7.6AI score0.00575EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.47 views

CVE-2023-37032

CVE-2023-37032 corresponds to a stack-based buffer overflow in the Magma MME component. Affected: Magma versions

7.5CVSS7.3AI score0.00745EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.47 views

CVE-2023-37034

CVE-2023-37034 describes a null pointer dereference in Magma’s Mobile Management Entity (MME) when handling an S1AP Initial UE Message lacking an expected TAI field. Affected versions are Magma

6.5CVSS6.9AI score0.00373EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.47 views

CVE-2023-37037

Magma's Mobile Management Entity (MME) contains a null pointer dereference in versions

6.5CVSS6.9AI score0.00373EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.46 views

CVE-2023-37024

CVE-2023-37024 affects Magma’s Mobile Management Entity (MME)

7.5CVSS7.2AI score0.007EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.46 views

CVE-2023-37026

The CVE-2023-37026 item affects Magma’s Mobile Management Entity (MME) and is caused by a null pointer dereference when handling an S1AP E-RAB Release Response packet missing the MME_UE_S1AP_ID field. Affected version: Magma

6.5CVSS6.9AI score0.00248EPSS
CVE
CVE
added 2025/01/21 12:0 a.m.45 views

CVE-2023-37029

Magma CVE-2023-37029 affects Magma MME in versions

7.5CVSS7AI score0.00596EPSS