VDB
CISA-2024-24425
CISA-2024-24425
PUBLISHED
CVSS 6.5 MEDIUM
Reported by mitre · Published November 15, 2024
Magma v1.8.0 and OAI EPC Federation v1.20 were discovered to contain an out-of-bounds read in the amf_as_establish_req function at /tasks/amf/amf_as.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, * |
| oai_epc_federation | oai_epc_federation | 1.20, 1.20 |
| magma | magma | 1.20, 1.20 |
Timeline
- Nov 15, 2024 CVE Published
- Nov 19, 2024 CVE Updated