Описание
A buffer overflow in the ngap_amf_handle_pdu_session_resource_setup_response function of oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a PDU Session Resource Setup Response with an empty Response Item list.
EPSS
Процентиль: 49%
0.00259
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-120
Связанные уязвимости
CVSS3: 5.3
github
около 1 года назад
Stack-based memcpy buffer overflow in the ngap_handle_pdu_session_resource_setup_response routine in OpenAirInterface CN5G AMF <= 2.0.0 allows a remote attacker with access to the N2 interface to carry out denial of service against the AMF and potentially execute code by sending a PDU Session Resource Setup Response with a ResourceFailedToSetupList containing zero elements.
EPSS
Процентиль: 49%
0.00259
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-120