CNNVD-202512-3801 Information
CNNVD ID
CNNVD-202512-3801
Related CVE
- CNNVD Published: 2025-12-19
Description (Chinese)
Open5GS是Open5GS开源的一个 5G Core 和 Epc 的 C 语言开源实现,即 Lte/Nr 网络的核心网络。 Open5GS 2.7.5及之前版本存在安全漏洞,该漏洞源于PFCP组件中函数ogs_pfcp_handle_create_pdr的错误操作,可能导致初始化不当。
Description (English)
Open5GS is a 5G Core and Epc open-language C open source of Open5GS, the core network of the Lte/Nr network. Open5GS 2.7.5 and previous versions contain a security loophole, which stems from the error of the function ogs pfcp handle create pdr in the PFCP component, which may lead to an incorrect initialization.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Open5GS
Published
2025-12-19
Last Modified
2026-02-24
References
https://github.com/open5gs/open5gs/commit/773117aa5472af26fc9f80e608d3386504c3bdb7 https://github.com/open5gs/open5gs/issues/4182 https://github.com/open5gs/open5gs/issues/4182#issue-3670797098 https://github.com/open5gs/open5gs/issues/4182#issuecomment-3616081878 https://vuldb.com/?ctiid.337591 https://vuldb.com/?id.337591 https://vuldb.com/?submit.716841 https://access.redhat.com/security/cve/cve-2025-14955