CNNVD-202601-764 Information
CNNVD ID
CNNVD-202601-764
Related CVE
- CNNVD Published: 2026-01-02
Description (Chinese)
Open5GS等都是(Open5GS)开源的产品。Open5GS是一个 5G Core 和 Epc 的 C 语言开源实现,即 Lte/Nr 网络的核心网络。TanStack form等都是(TanStack)开源的产品。form是一个表单状态管理程序。ClickHouse ch等都是(ClickHouse)开源的产品。ch是一个ClickHouse的低级Go客户端。 Open5GS 2.7.6及之前版本存在安全漏洞,该漏洞源于对库文件lib/gtp/v2/types.c中函数ogs_gtp2_parse_bearer_qos的错误操作,可能导致拒绝服务攻击。
Description (English)
Open5GS etc. are open-source products. Open5GS is a C-language open source of 5G Core and Epc, a core network of the Lte/Nr network. TanStack form and so on are open-source products. Form is a form status management program. Clickhousech is an open source product. c is a Click House low-level Go client. Open5GS 2.7.6 and previous versions contain a security loophole, which stems from an error in the library document lib/gtp/v2/types.c.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Open5GS
Published
2026-01-02
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.339340 https://vuldb.com/?id.339340 https://vuldb.com/?submit.728043 https://github.com/open5gs/open5gs/issues/4217#issue-3759615968 https://github.com/open5gs/open5gs/issues/4217#issuecomment-3690767105 https://github.com/open5gs/open5gs/commit/4e913d21f2c032b187815f063dbab5ebe65fe83a https://access.redhat.com/security/cve/cve-2025-15418
Share on: