CVE-2023-37013 Information

Description

Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a sufficiently large ASN.1 packet over the S1AP interface. An attacker may repeatedly send such an oversized packet to cause the ogs_sctp_recvmsg routine to reach an unexpected network state and crash leading to denial of service.

Reference

https://cellularsecurity.org/ransacked