An issue in upf in open5gs 2.7.2 and earlier allows a remote attacker to cause a Denial of Service via a crafted PFCP SessionEstablishmentRequest packet with restoration indication = true and (teid = 0 or teid >= ogs_pfcp_pdr_teid_pool.size).
References
Configurations
No configuration.
History
20 Jun 2025, 13:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References |
|
|
18 Jun 2025, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-06-18 18:15
Updated : 2025-06-23 20:16
NVD link : CVE-2025-29646
Mitre link : CVE-2025-29646
CVE.ORG link : CVE-2025-29646
JSON object : View
Products Affected
No product.
CWE
CWE-20
Improper Input Validation