Magma Security Vulnerabilities and Issues — Magma CVE List

Lucene search

LinuxfoundationMagma

11 matches found

CVE•added 2025/01/21 11:15 p.m.•60 views

CVE-2023-37027

Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP E-RAB Modification Indication packet missing an expected eNB_UE_S1AP_ID fi...

6.5CVSS6.5AI score0.00032EPSS

CVE•added 2025/01/21 11:15 p.m.•60 views

CVE-2023-37028

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP E-RAB Modification Indication packet missing an expected eNB_UE_S1AP_ID ...

6.5CVSS6.9AI score0.00035EPSS

CVE•added 2025/01/21 11:15 p.m.•43 views

CVE-2023-37031

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP eNB Configuration Transfer packet missing its required Target eNB ID fie...

6.5CVSS6.9AI score0.00041EPSS

CVE•added 2025/01/21 11:15 p.m.•40 views

CVE-2023-37033

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP Initial UE Message packet missing an expected EUTRAN_CGI field.

6.5CVSS6.9AI score0.00041EPSS

CVE•added 2025/01/21 11:15 p.m.•38 views

CVE-2023-37030

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP Initial UE Message packet missing an expected eNB_UE_S1AP_ID field.

6.5CVSS6.9AI score0.00041EPSS

CVE•added 2025/01/21 11:15 p.m.•38 views

CVE-2023-37034

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP Initial UE Message packet missing an expected TAI field.

6.5CVSS6.9AI score0.00041EPSS

CVE•added 2025/01/21 11:15 p.m.•38 views

CVE-2023-37036

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP Uplink NAS Transport packet missing an expected ENB_UE_S1AP_ID field.

6.5CVSS6.9AI score0.00041EPSS

CVE•added 2025/01/21 11:15 p.m.•38 views

CVE-2023-37038

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP Uplink NAS Transport packet missing an expected MME_UE_S1AP_ID field.

6.5CVSS6.5AI score0.00041EPSS

CVE•added 2025/01/21 11:15 p.m.•37 views

CVE-2023-37037

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP S1Setup Request packet missing an expected Supported TAs field.

6.5CVSS6.9AI score0.00041EPSS

CVE•added 2025/01/21 11:15 p.m.•35 views

CVE-2023-37025

6.5CVSS6.6AI score0.00033EPSS

CVE•added 2025/01/21 11:15 p.m.•34 views

CVE-2023-37026

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP E-RAB Release Response packet missing an expected MME_UE_S1AP_ID field.

6.5CVSS6.9AI score0.00033EPSS