Xiaohan Zheng

Name of the Vulnerable Software and Affected Versions: Open5GS versions prior to 2.7.6 Description: A problematic vulnerability exists in Open5GS up to version 2.7.5. The issue affects the `gmm state de registered/gmm state exception` function within the AMF component, specifically in the file `src/amf/gmm-sm.c`. Manipulation of this function can lead to a denial of service. The attack can be launched remotely. Recommendations: Open5GS versions prior to 2.7.6: Upgrade to version 2.7.6 or later to address this issue.

Name of the Vulnerable Software and Affected Versions: Open5GS versions up to 2.7.5 Description: A vulnerability exists in Open5GS that is classified as problematic. The issue affects the `smf gsm state wait pfcp deletion` function within the `src/smf/gsm-sm.c` file of the SMF component. Manipulation of this function can lead to a denial of service. The attack can be launched remotely. The exploit for this issue has been publicly disclosed. Recommendations: Open5GS versions prior to 2.7.6: Upgrade to version 2.7.6 to address this issue.