PT-2026-6668 · Free5Gc · Free5Gc
Linziyu
·
Published
2026-02-06
·
Updated
2026-02-06
·
CVE-2026-1975
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Free5GC versions prior to 4.1.1
Description
A security flaw exists in Free5GC up to version 4.1.0. The issue resides in the
identityTriggerType function within the pfcp reports.go file, leading to a null pointer dereference. This can be exploited remotely. The exploit has been publicly released and may be used in attacks.Recommendations
Versions prior to 4.1.1 should be updated.
Exploit
Fix
Improper Resource Release
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Free5Gc