CNNVD-202509-1054 Information
CNNVD ID
CNNVD-202509-1054
Related CVE
- CNNVD Published: 2025-09-08
Description (Chinese)
Open5GS是Open5GS开源的一个 5G Core 和 Epc 的 C 语言开源实现,即 Lte/Nr 网络的核心网络。 Open5GS 2.7.5及之前版本存在安全漏洞,该漏洞源于AMF组件中ngap_build_downlink_nas_transport函数存在断言失败,可能导致拒绝服务攻击。
Description (English)
Open5GS is a 5G Core and Epc open-language C open source of Open5GS, the core network of the Lte/Nr network. Open5GS 2.7.5 and previous versions contain a security loophole that stems from the alleged failure of the ngap build downlink nas transport function in the AMF component, which could lead to a denial of service attack.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
openBI
Published
2025-09-08
Last Modified
2026-02-24
References
https://github.com/matejGradisar/open5gs/commit/5467da9763c300520f56bfbe0a7f5a7f980ec2f6 https://github.com/ZHENGHAOHELLO/BugReport/blob/main/CVE-2025-52288 https://github.com/open5gs/open5gs/issues/3862 https://github.com/open5gs/open5gs/issues/3862#issuecomment-2853458783 https://github.com/open5gs/open5gs/issues/3862#issue-3006335547 https://access.redhat.com/security/cve/cve-2025-52288
Patch
https://github.com/open5gs/open5gs/releases
Share on: