CVE-2023-47347

Name of the Vulnerable Software and Affected Versions free5gc version 3.3.0

Description The issue allows attackers to cause a denial of service via crafted PFCP messages whose Sequence Number is mutated to overflow bytes. This can be achieved by exploiting a Buffer Overflow vulnerability.

Recommendations For free5gc version 3.3.0, as a temporary workaround, consider restricting the handling of crafted PFCP messages to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.