CNNVD-202512-3784 Information
CNNVD ID
CNNVD-202512-3784
Related CVE
- CNNVD Published: 2025-12-19
Description (Chinese)
Open5GS是Open5GS开源的一个 5G Core 和 Epc 的 C 语言开源实现,即 Lte/Nr 网络的核心网络。 Open5GS 2.7.5及之前版本存在安全漏洞,该漏洞源于QER/FAR/URR/PDR组件中函数ogs_pfcp_pdr_find_or_add的错误操作,可能导致可达断言。
Description (English)
Open5GS is a 5G Core and Epc open-language C open source of Open5GS, the core network of the Lte/Nr network. Open5GS 2.7.5 and previous versions contain a security loophole, which stems from the error of the function ogs pfcp pdr find or add in QER/FAR/URR/PDR component, which may lead to a claim.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Open5GS
Published
2025-12-19
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.337590 https://vuldb.com/?submit.716810 https://github.com/open5gs/open5gs/issues/4181 https://vuldb.com/?id.337590 https://github.com/open5gs/open5gs/commit/442369dcd964f03d95429a6a01a57ed21f7779b7 https://github.com/open5gs/open5gs/issues/4181#issue-3667069101 https://github.com/open5gs/open5gs/issues/4181#issuecomment-3615646842 https://access.redhat.com/security/cve/cve-2025-14954