Open5GS SCTP Partial Message recv_handler assertion

July 12, 2025 invoker category_cve

CVE Details

Basic Information

Title Open5GS SCTP Partial Message recv_handler assertion
Type cve
Published 2025-07-12T18:32:07.219Z
Modified 2025-07-12T18:32:07.219Z

Product Information

Vendor n/a
Product Open5GS
Version 2.7.0

CVSS Information

Base Score 4.8 (MEDIUM)
Attack Vector CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X

Affected Products

  • n/a Open5GS 2.7.0
  • n/a Open5GS 2.7.1
  • n/a Open5GS 2.7.2
  • n/a Open5GS 2.7.3

Additional Information

CWE List CWE-617
Source VulDB

Description

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngap_recv_handler/s1ap_recv_handler/recv_handler of the component SCTP Partial Message Handler. The manipulation leads to reachable assertion. The attack needs to be approached locally. The patch is named cfa44575020f3fb045fd971358442053c8684d3d. It is recommended to apply a patch to fix this issue.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.