PT-2025-53699 · Open5Gs · Open5Gs
Ziyulin
·
Published
2025-12-29
·
Updated
2025-12-31
·
CVE-2025-15176
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Open5GS versions through 2.7.5
Description
A flaw exists in Open5GS affecting the
decode ipv6 header/ogs pfcp pdr rule find by packet function within the lib/pfcp/rule-match.c file of the PFCP Session Establishment Request Handler component. Manipulation of this function can lead to a reachable assertion. The attack can be launched remotely.Recommendations
Apply patch b72d8349980076e2c033c8324f07747a86eea4f8 to resolve this issue.
Exploit
Fix
Assertion Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Open5Gs