Buffer Overflow Vulnerability in Open5GS v2.6.4 from Open5GS
CVE-2024-40130

9.8 CRITICAL

Key Information:

Vendor: Open5gs

Status
Vendor
CVE Published: 16 July 2024

What is CVE-2024-40130?

Open5GS v2.6.4 contains a buffer overflow in the /lib/core/abts.c file. The flaw may allow attackers to exploit the system, potentially leading to arbitrary code execution or system instability. Users of Open5GS should review their deployments for exposure to this vulnerability and apply the mitigations detailed in the related GitHub discussions and updates.

CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published