CNNVD-202601-4009 Information

CNNVD ID

CNNVD-202601-4009

Related CVE

CVE-2025-66720

• CNNVD Published: 2026-01-23

Description (Chinese)

pcf是free5GC开源的一个策略控制功能模块。 pcf 1.4.0版本存在安全漏洞，该漏洞源于HandleDeletePoliciesPolAssoId函数存在空指针取消引用。

Description (English)

pcf is a policy control function module for free5GC open source. Pcf 1.4.0 has a security loophole, which stems from the empty pointer unreferenced in the Handle Delete Polissoid function.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

free5GC

Published

2026-01-23

Last Modified

2026-02-24

References

https://github.com/free5gc/free5gc/issues/726 https://github.com/free5gc/pcf/pull/57 https://access.redhat.com/security/cve/cve-2025-66720

Patch

https://github.com/free5gc/pcf/releases