5 matches found
CVE-2023-37027
CVE-2023-37027 concerns Magma’s Mobile Management Entity (MME). A null pointer dereference in Magma ≤ 1.8.0 can crash the MME when processing an S1AP “E-RAB Modification Indication” packet that omits the expected eNB_UE_S1AP_ID field. This is fixed in Magma v1.9, commit 08472ba98b8321f802e95f5622...
CVE-2023-37028
CVE-2023-37028 describes a null pointer dereference in the Mobile Management Entity (MME) of Magma
CVE-2023-37025
Magma MME contains a null pointer dereference in versions <= 1.8.0 that allows network-adjacent attackers to crash the MME by sending an S1AP Reset packet missing an expected ResetType field. The issue is fixed in Magma v1.9 (commit 08472ba98b8321f802e95f5622fa90fec2dea486). Affected product: ...
CVE-2023-37024
CVE-2023-37024 affects Magma’s Mobile Management Entity (MME)
CVE-2023-37026
The CVE-2023-37026 item affects Magma’s Mobile Management Entity (MME) and is caused by a null pointer dereference when handling an S1AP E-RAB Release Response packet missing the MME_UE_S1AP_ID field. Affected version: Magma