PT-2026-6666 · Free5Gc · Free5Gc
Ziyulin
·
Published
2026-02-06
·
Updated
2026-02-09
·
CVE-2026-1974
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Free5GC versions prior to 4.1.1
Description
A flaw exists in Free5GC’s SMF component, specifically within the
ResolveNodeIdToIp function located in the internal/sbi/processor/datapath.go file. This issue can lead to a denial of service. Remote exploitation is possible. The exploit is publicly available.Recommendations
Apply a patch to address this issue in Free5GC versions prior to 4.1.1.
Exploit
Fix
DoS
Improper Resource Release
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Free5Gc