CVE-2024-24422

Name of the Vulnerable Software and Affected Versions: Linux Foundation Magma versions <= 1.8.0

Description: A stack overflow was discovered in the decode protocol configuration options function at /3gpp/3gpp 24.008 sm ies.c. This issue allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Recommendations: For Linux Foundation Magma versions <= 1.8.0, update to version 1.9 or later, specifically including commit 08472ba98b8321f802e95f5622fa90fec2dea486, to resolve the issue. As a temporary workaround, consider restricting access to the decode protocol configuration options function to minimize the risk of exploitation.