CVE-2024-34476 | Open5GS up to 2.7.0 security.c ogs_nas_encrypt len assertion

Posted by Angelo Barbosa | May 5, 2024 | CVE

A vulnerability was found in Open5GS up to 2.7.0. It has been declared as problematic. Affected by this vulnerability is the function ogs_nas_encrypt in the library lib/nas/common/security.c. The manipulation of the argument len leads to reachable assertion.

This vulnerability is known as CVE-2024-34476. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-34476 | Open5GS up to 2.7.0 security.c ogs_nas_encrypt len assertion

Related Posts

CVE-2024-33558 | 8theme XStore Core Plugin up to 5.3.5 on WordPress authorization

CVE-2024-29831 | Apache DolphinScheduler up to 3.2.1 code injection

CVE-2024-36973 | Linux Kernel up to 6.10-rc3 pci1xxxx gp_aux_bus_probe double free (086c6cbcc563)

CVE-2023-28798 | Zscaler Client Connector prior 3.7.0.172 on macOS heap-based overflow