CVE-2026-37231

FlexRIC v2.0.0 uses a uint16 t counter for xapp id assignment but stores the value in uint32 t message fields. After 65,530+ E42 SETUP REQUESTs, the 16-bit counter wraps around and produces duplicate xapp ids. The iApp (port 36422) crashes when attempting to register a duplicate ID in its internal data structure. A remote attacker can trigger this by repeatedly connecting and requesting new xApp registrations.