CVE-2025-65559

Name of the Vulnerable Software and Affected Versions Open5GS version 2.7.5-49-g465e90f

Description A flaw exists in Open5GS where a malformed PFCP Session Establishment Request can cause the UPF to crash. Specifically, when processing a request (type=50) and the CreatePDR?PDI?F-TEID has CH=1, a mismatch between the F-TEID address-family flags (IPv4/IPv6) and the GTP-U resource family configured for the selected DNN (Network Instance) triggers a reachable assertion within the lib/pfcp/context.c file, at the ogs pfcp object teid hash set function. This results in a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.