CVE-2024-24444

Name of the Vulnerable Software and Affected Versions: OpenAirInterface CN5G AMF (oai-cn5g-amf) versions up to v2.0.0

Description: The issue is related to improper file descriptor handling for closed connections, which allows attackers to cause a Denial of Service (DoS) by repeatedly establishing SCTP connections with the N2 interface.

Recommendations: For versions up to v2.0.0, consider restricting access to the N2 interface to minimize the risk of exploitation until a patch is available. As a temporary workaround, consider implementing measures to limit the establishment of repeated SCTP connections. At the moment, there is no information about a newer version that contains a fix for this vulnerability.