Description
A reachable assertion in the ogs_nas_emm_decode function of Open5GS v2.7.0 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet with a zero-length EMM message length.
Published: 2024-11-15
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 22 Apr 2025 17:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:open5gs:open5gs:2.7.0:*:*:*:*:*:*:*

Tue, 03 Dec 2024 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Open5gs
Open5gs open5gs
CPEs cpe:2.3:a:open5gs:open5gs:-:*:*:*:*:*:*:*
Vendors & Products Open5gs
Open5gs open5gs
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 03 Dec 2024 16:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-78
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Fri, 15 Nov 2024 19:00:00 +0000

Type Values Removed Values Added
Description A reachable assertion in the ogs_nas_emm_decode function of Open5GS v2.7.0 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet with a zero-length EMM message length.
References

Subscriptions

Open5gs Open5gs
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-12-03T16:04:26.231Z

Reserved: 2024-01-25T00:00:00.000Z

Link: CVE-2024-24431

cve-icon Vulnrichment

Updated: 2024-12-03T16:04:19.996Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-15T19:15:06.137

Modified: 2025-04-22T17:26:58.343

Link: CVE-2024-24431

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses