CVE-2025-65559

Опубликовано: 18 дек. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

An issue was discovered in Open5GS 2.7.5-49-g465e90f, when processing a PFCP Session Establishment Request (type=50), the UPF crashes with a reachable assertion in lib/pfcp/context.c (ogs_pfcp_object_teid_hash_set) if the CreatePDR?PDI?F-TEID has CH=1 and the F-TEID address-family flag(s) (IPv4/IPv6) do not match the GTP-U resource family configured for the selected DNN (Network Instance), resulting in a denial of service.

Ссылки

https://github.com/open5gs/open5gs/issues/4135
Exploit
Issue Tracking
Vendor Advisory
https://github.com/open5gs/open5gs/issues/4135
Exploit
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:open5gs:open5gs:2.7.5:*:*:*:*:*:*:*

EPSS

Процентиль: 15%

0.00048

Низкий

7.5 High

CVSS3

Дефекты

CWE-617

Связанные уязвимости

CVE-2025-65559

CVSS3: 7.5

debian

около 2 месяцев назад

An issue was discovered in Open5GS 2.7.5-49-g465e90f, when processing ...

GHSA-vpvv-3968-xxmc

CVSS3: 7.5

github

около 2 месяцев назад

An issue was discovered in Open5GS 2.7.5-49-g465e90f, when processing a PFCP Session Establishment Request (type=50), the UPF crashes with a reachable assertion in `lib/pfcp/context.c` (`ogs_pfcp_object_teid_hash_set`) if the CreatePDR?PDI?F-TEID has CH=1 and the F-TEID address-family flag(s) (IPv4/IPv6) do not match the GTP-U resource family configured for the selected DNN (Network Instance), resulting in a denial of service.

EPSS

Процентиль: 15%

0.00048

Низкий

7.5 High

CVSS3

Дефекты

CWE-617