CNNVD-202512-3407 Information

CNNVD ID

CNNVD-202512-3407

Related CVE

CVE-2025-65567

• CNNVD Published: 2025-12-18

Description (Chinese)

UPF是Aether SD-Core Project开源的一个用户界面。 UPF upf-epc-pfcpiface:2.1.3-dev版本存在安全漏洞，该漏洞源于处理包含畸形流描述的PFCP会话建立请求时缓冲区越界读取，可能导致拒绝服务。

Description (English)

UPF is a user interface for Aether SD-Core Projects. The UPF upf-epc-pfcpace: 2.1.3-dev version has a security loophole, which arises from the fact that the buffer zone is read across the buffer zone at the time of the request to establish the PFCP session, which contains an abnormal flow description, and may lead to the denial of services.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Aether SD-Core Project

Published

2025-12-18

Last Modified

2026-02-24

References

https://github.com/omec-project/upf/issues/959 https://access.redhat.com/security/cve/cve-2025-65567