CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-24426
https://notcve.org/view.php?id=CVE-2024-24426
Reachable assertions in the NGAP_FIND_PROTOCOLIE_BY_ID function of OpenAirInterface Magma v1.8.0 and OAI EPC Federation v1.2.0 allow attackers to cause a Denial of Service (DoS) via a crafted NGAP packet. • https://cellularsecurity.org/ransacked https://github.com/OPENAIRINTERFACE/openair-epc-fed https://github.com/magma/magma •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-24431
https://notcve.org/view.php?id=CVE-2024-24431
A reachable assertion in the ogs_nas_emm_decode function of Open5GS v2.7.0 allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet with a zero-length EMM message length. • https://cellularsecurity.org/ransacked https://open5gs.org •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-24447
https://notcve.org/view.php?id=CVE-2024-24447
A buffer overflow in the ngap_amf_handle_pdu_session_resource_setup_response function of oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a PDU Session Resource Setup Response with an empty Response Item list. • https://cellularsecurity.org/ransacked https://openairinterface.org • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-24450
https://notcve.org/view.php?id=CVE-2024-24450
Stack-based memcpy buffer overflow in the ngap_handle_pdu_session_resource_setup_response routine in OpenAirInterface CN5G AMF <= 2.0.0 allows a remote attacker with access to the N2 interface to carry out denial of service against the AMF and potentially execute code by sending a PDU Session Resource Setup Response with a suffciently large FailedToSetupList IE. • https://cellularsecurity.org/ransacked https://openairinterface.org • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-24452
https://notcve.org/view.php?id=CVE-2024-24452
An invalid memory access when handling the ProtocolIE_ID field of E-RAB Release Indication messages in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service (DoS) to the cellular network by repeatedly initiating connections and sending a crafted payload. • http://athonet.com https://cellularsecurity.org/ransacked • CWE-125: Out-of-bounds Read •