PT-2026-1033 · Open5Gs · Open5Gs
Ziyulin
·
Published
2026-01-01
·
Updated
2026-01-02
·
CVE-2025-15417
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Open5GS versions through 2.7.6
Description
A flaw exists in Open5GS related to the
sgwc s11 handle create session request function within the GTPv2-C F-TEID Handler component, specifically in the file src/sgwc/s11-handler.c. Manipulation of this function can lead to a denial of service. The attack requires local access. The patch identified as 465273d13ba5d47b274c38c9d1b07f04859178a1 addresses this issue.Recommendations
Apply the patch 465273d13ba5d47b274c38c9d1b07f04859178a1 to versions through 2.7.6.
Exploit
Fix
DoS
Improper Resource Release
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Open5Gs