0Wln3D

**Name of the Vulnerable Software and Affected Versions** Open5GS versions prior to 2.7.8 **Description** A flaw in the User Plane Function (UPF) component allows a remote attacker to cause resource consumption. This issue occurs within the ` gtpv1 u recv cb()` function located in the `src/upf/gtp-path.c` file. **Recommendations** Update to a version later than 2.7.7. As a temporary workaround, restrict access to the ` gtpv1 u recv cb()` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Open5GS versions prior to 2.7.8 **Description** A remote out-of-bounds read can occur in the NF component within the `ogs sbi client send via scp or sepp()` function located in the `lib/sbi/client.c` library. This issue is triggered through specific manipulation of the system. **Recommendations** Install patch d5bc487fcf9ea87d2b03f2ef95123af344773bfb to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** aligungr UERANSIM versions prior to 3.2.8 **Description** A remote attack can be initiated by manipulating the `pduLength` argument in the `rls::DecodeRlsMessage()` function within the `src/lib/rls/rls pdu.cpp` library of the Radio Link Simulation Layer component, leading to an uncaught exception. **Recommendations** Upgrade to version 3.2.8.