In free5GC 3.2.1, a malformed NGAP message can crash the AMF and NGAP decoders via an index-out-of-range panic in aper.GetBitString.
References
Link | Resource |
---|---|
https://github.com/free5gc/free5gc/issues/402 | Exploit Issue Tracking Third Party Advisory |
https://www.trendmicro.com/en_us/research/23/j/asn1-vulnerabilities-in-5g-cores.html |
Configurations
History
08 Dec 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Oct 2022, 14:04
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CWE | NVD-CWE-noinfo | |
References | (MISC) https://github.com/free5gc/free5gc/issues/402 - Exploit, Issue Tracking, Third Party Advisory | |
First Time |
Free5gc free5gc
Free5gc |
|
CPE | cpe:2.3:a:free5gc:free5gc:3.2.1:*:*:*:*:*:*:* |
24 Oct 2022, 14:22
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-24 14:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-43677
Mitre link : CVE-2022-43677
CVE.ORG link : CVE-2022-43677
JSON object : View
Products Affected
free5gc
- free5gc
CWE