CVE-2024-24417

Name of the Vulnerable Software and Affected Versions: Linux Foundation Magma versions <= 1.8.0

Description: A buffer overflow was discovered in the decode protocol configuration options function at /3gpp/3gpp 24.008 sm ies.c. This issue allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Recommendations: For Linux Foundation Magma versions <= 1.8.0, update to version 1.9 or later, specifically ensuring the inclusion of commit 08472ba98b8321f802e95f5622fa90fec2dea486, to resolve the buffer overflow issue in the decode protocol configuration options function. As a temporary workaround, consider restricting the handling of NAS packets to minimize the risk of exploitation.