SecBoard
Zurück zur CVE-Übersicht

CVE-2024-24445

MEDIUM(6.5)

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Risk Signal Score16/100 — NIEDRIG
  • CVSS 6.5 — Mittel

EPSS-Score

0%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

6.5

Technische Schwere

Beschreibung

OpenAirInterface CN5G AMF (oai-cn5g-amf) <= 2.0.0 contains a null dereference in its handling of unsupported NGAP protocol messages which allows an attacker with network-adjacent access to the AMF to carry out denial of service. When a procedure code/presence field tuple is received that is unsupported, OAI indexes into a null function pointer and subsequently dereferences it.

Referenzen