CVE-2025-66720 | Free5GC 1.4.0 ampolicy.go HandleDeletePoliciesPolAssoId null pointer dereference (Issue 726)

Inserito da Angelo Barbosa | Gen 23, 2026 | CVE

A vulnerability was found in Free5GC 1.4.0. It has been declared as problematic. This issue affects the function HandleDeletePoliciesPolAssoId of the file internal/sbi/processor/ampolicy.go. Such manipulation leads to null pointer dereference.

This vulnerability is listed as CVE-2025-66720. The attack must be carried out from within the local network. There is no available exploit.

A patch should be applied to remediate this issue.

CVE-2025-66720 | Free5GC 1.4.0 ampolicy.go HandleDeletePoliciesPolAssoId null pointer dereference (Issue 726)

Post correlati

CVE-2025-39918 | Linux Kernel up to 6.12.45/6.16.5 wifi stack-based overflow

CVE-2024-0834 | webtechstreet Elementor Addon Elements Plugin 1.12.11 on WordPress cross site scripting

CVE-2024-32602 | OnTheGoSystems WooCommerce Multilingual & Multicurrency Plugin up to 5.3.3.1 on WordPress sql injection

CVE-2024-10282 | Tenda RX9/RX9 Pro 22.03.02.10/22.03.02.20 SetVirtualServerCfg sub_42EA38 list stack-based overflow