CVE-2024-24416

Name of the Vulnerable Software and Affected Versions: Linux Foundation Magma versions <= 1.8.0

Description: A buffer overflow was discovered in the decode access point name ie function at /3gpp/3gpp 24.008 sm ies.c. This issue allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Recommendations: For Linux Foundation Magma versions <= 1.8.0, update to version 1.9 or later, which includes the fix for this issue, as committed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486. As a temporary workaround, consider restricting access to the decode access point name ie function to minimize the risk of exploitation.