CVE-2026-30077

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions OpenAirInterface version 2.2.0

Description The AMF component within OpenAirInterface experiences crashes when it encounters failures during message decoding. While not all decoding failures lead to a crash, specific inputs consistently trigger the issue. An example of a crashing input, represented in hexadecimal stream, is '80 00 00 0E 00 00 01 00 0F 80 02 02 40 00 58 00 01 88'.

Recommendations Update to a newer version of OpenAirInterface that addresses the message decoding issue in the AMF component.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2026-30077

Affected Products

Openairinterface

CVE-2026-30077

Weakness Enumeration

Related Identifiers

Affected Products

References · 3