PT-2022-11977 · Open5Gs · Open5Gs
Yblog123
·
Published
2022-03-29
·
Updated
2022-04-05
·
CVE-2021-44081
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
open5gs version 2.1.4
Description
A buffer overflow issue exists in the AMF of open5gs. When the length of
MSIN in Supi exceeds 24 characters, it leads to AMF denial of service.Recommendations
For open5gs version 2.1.4, consider restricting the length of
MSIN in Supi to 24 characters or less to prevent the buffer overflow issue until a patch is available.Exploit
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Open5Gs