CVE-2024-24423

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux Foundation Magma versions <= 1.8.0

Description: A buffer overflow was discovered in the decode esm message container function at /nas/ies/EsmMessageContainer.cpp. This issue allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Recommendations: For Linux Foundation Magma versions <= 1.8.0, update to version 1.9 or later, which includes the fix for this issue, as committed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486. As a temporary workaround, consider restricting access to the decode esm message container function to minimize the risk of exploitation.

Exploit

Fix

DoS

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-120

Related Identifiers

CVE-2024-24423

Affected Products

Magma

CVE-2024-24423

Weakness Enumeration

Related Identifiers

Affected Products

References · 5