CVE-2025-44951
Published
CVSS v3
7.1
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
A missing length check in `ogs_pfcp_dev_add` function from PFCP library, used by both smf and upf in open5gs 2.7.2 and earlier, allows a local attacker to cause a Buffer Overflow by changing the `session.dev` field with a value with length greater than 32.
Open5GS is a C-language Open Source implementation for 5G Core and EPC, i.e. the core network of LTE/NR network (Release-17)
GitHub