CVE-2025-15156 | omec-project UPF up to 2.1.3-dev PFCP Session Establishment Request messages_session.go handleSessionEstablishmentRequest null pointer dereference (Issue 979)

A vulnerability classified as problematic has been found in omec-project UPF up to 2.1.3-dev. This affects the function handleSessionEstablishmentRequest of the file /pfcpiface/pfcpiface/messages_session.go of the component PFCP Session Establishment Request Handler. This manipulation causes null pointer dereference.

This vulnerability appears as CVE-2025-15156. The attack may be initiated remotely. In addition, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2025-15156 | omec-project UPF up to 2.1.3-dev PFCP Session Establishment Request messages_session.go handleSessionEstablishmentRequest null pointer dereference (Issue 979)

Post correlati

CVE-2024-1337 | SKT Page Builder Plugin up to 4.1 on WordPress authorization

CVE-2022-49353 | Linux Kernel up to 5.18.3 papr_scm drc_pmem_query_stats null pointer dereference

CVE-2025-0513 | Octopus Deploy Octopus Server information exposure

CVE-2023-50862 | Kashipara Group Travel Website 1.0 booking.php hotelIDHidden sql injection