Henryzhaoh

**Name of the Vulnerable Software and Affected Versions** open5gs version 2.4.11 **Description** The issue is related to a memory leak in the component src/upf/pfcp-path.c, which allows attackers to cause a Denial of Service (DoS) via a crafted PFCP packet. **Recommendations** For open5gs version 2.4.11, consider restricting access to the vulnerable component src/upf/pfcp-path.c to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** open5gs version 2.4.11 **Description** The issue is related to a memory leak in the component src/smf/pfcp-path.c, which allows attackers to cause a Denial of Service (DoS) via a crafted PFCP packet. **Recommendations** For open5gs version 2.4.11, consider restricting access to the vulnerable component src/smf/pfcp-path.c to minimize the risk of exploitation. As a temporary workaround, avoid processing crafted PFCP packets until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** open5gs version 2.4.11 **Description** The issue is related to a memory leak in the ngap-handler.c component. This allows attackers to cause a Denial of Service (DoS) via a crafted UE attachment. **Recommendations** For open5gs version 2.4.11, consider restricting access to the ngap-handler.c component to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Open5GS versions 2.4.10 and earlier **Description** A vulnerability in the /src/amf/amf-context.c file leads to an AMF denial of service. **Recommendations** For Open5GS versions 2.4.10 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.