PT-2025-52289 · Unknown · Omec-Project Upf

Linziyuu · Published 2025-12-18 · Updated 2025-12-20 · CVE-2025-65565

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: omec-project UPF version 2.1.3-dev

Description: A denial-of-service issue exists in the pfcpiface component of the omec-project UPF. When a PFCP Session Establishment Request that lacks the mandatory F-SEID Information Element is sent to the UPF’s N4/PFCP endpoint, the message is not properly validated. The session establishment handler then calls IE.FSEID() on a nil pointer, which causes a panic and terminates the UPF process. An attacker can exploit this by repeatedly sending malformed PFCP Session Establishment Request messages, causing the UPF to crash and disrupting user-plane services. The affected API endpoint is the N4/PFCP endpoint. The vulnerable parameter is the F-SEID Information Element within the PFCP Session Establishment Request.

Recommendations: Update to a newer version of omec-project UPF that addresses this issue. As a temporary workaround, implement strict input validation for PFCP Session Establishment Request messages to ensure that the mandatory F-SEID Information Element is present before processing.
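The presence check recommended above can be sketched in Go using only the standard library. This is an added example, not omec-project code or its fix: `CheckFSEID`, `request` and `ErrNoFSEID` are hypothetical names, and the message type (50) and IE type (57) values are assumed from 3GPP TS 29.244.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

const msgSessEstReq, ieFSEID = 50, 57 // message type and IE type, 3GPP TS 29.244

var ErrNoFSEID = errors.New("mandatory F-SEID IE missing")

// request wraps raw IEs in a 16-byte PFCP header (constructed test data).
func request(ies ...[]byte) []byte {
	m := make([]byte, 16)            // SEID and sequence number left zero
	m[0], m[1] = 0x21, msgSessEstReq // version 1, S flag set
	for _, e := range ies {
		m = append(m, e...)
	}
	binary.BigEndian.PutUint16(m[2:], uint16(len(m)-4))
	return m
}

// CheckFSEID returns the SEID carried in the F-SEID IE, or an error that the
// caller can turn into a rejection instead of dereferencing a missing IE.
func CheckFSEID(m []byte) (uint64, error) {
	if len(m) < 16 || m[0]>>5 != 1 || m[0]&1 == 0 || m[1] != msgSessEstReq ||
		int(binary.BigEndian.Uint16(m[2:]))+4 != len(m) {
		return 0, errors.New("malformed Session Establishment Request header")
	}
	for p := m[16:]; len(p) >= 4; {
		n := int(binary.BigEndian.Uint16(p[2:]))
		if len(p) < 4+n {
			return 0, errors.New("truncated IE")
		}
		if binary.BigEndian.Uint16(p) == ieFSEID {
			if n < 9 { // flags octet + 8-octet SEID
				return 0, errors.New("F-SEID IE too short")
			}
			return binary.BigEndian.Uint64(p[5:13]), nil
		}
		p = p[4+n:]
	}
	return 0, ErrNoFSEID
}

func main() {
	_, err := CheckFSEID(request([]byte{0, 60, 0, 5, 0, 10, 0, 0, 1})) // Node ID only
	fmt.Println(err)
}
```

A handler that runs a check of this kind before reading the IE can reject the request with an error rather than panic.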

Exploit · Fix · DoS · NULL Pointer Dereference

Weakness Enumeration

Related Identifiers: CVE-2025-65565

Affected Products: Omec-Project Upf