CNNVD-202601-001 Information

Jan 01, 2026 cve

CNNVD ID

CNNVD-202601-001

CVE-2025-15417

CNNVD Published: 2026-01-01

Description (Chinese)

Open5GS是Open5GS开源的一个 5G Core 和 Epc 的 C 语言开源实现，即 Lte/Nr 网络的核心网络。 Open5GS 2.7.6及之前版本存在安全漏洞，该漏洞源于对文件src/sgwc/s11-handler.c中函数sgwc_s11_handle_create_session_request的错误操作，可能导致拒绝服务攻击。

Description (English)

Open5GS is a 5G Core and Epc open-language C open source of Open5GS, the core network of the Lte/Nr network. Open5GS 2.7.6 and previous versions contain a security loophole, which is the result of an error in the performance of the sgwc s11 handler.c function in document src/sgwc/s11-handler.c, which could lead to a denial of service attack.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Open5GS

Published

2026-01-01

Last Modified

2026-02-24

References

https://github.com/open5gs/open5gs/issues/4203#issuecomment-3681643498 https://vuldb.com/?submit.727616 https://github.com/open5gs/open5gs/issues/4203#issue-3719257558 https://vuldb.com/?ctiid.339339 https://github.com/open5gs/open5gs/commit/465273d13ba5d47b274c38c9d1b07f04859178a1 https://vuldb.com/?id.339339 https://access.redhat.com/security/cve/cve-2025-15417

Share on: