VDB
CVE-2026-33904
CVE-2026-33904
PUBLISHED
CVSS 6.5 MEDIUM
Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, a deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denial of service for all subscribers. Version 1.7.0 adds deferred Radio cleanup in serveConn SCTP server so that every connection exit path removes the radio. Remove the stale-entry scan from SCTP Notification handling.
EPSS 0.02% · 6.5th percentile
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.02%
6.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ellanetworks | core | < 1.7.0, < 1.7.0, * |
| github.com | ellanetworks/core | 0, 0, 0 |
| ellanetworks | ella_core | 0 |
Exploit Intelligence
Timeline
- Mar 26, 2026 CVE Published
- Mar 27, 2026 CVE Updated
- Mar 27, 2026 Security Advisory
- Mar 27, 2026 PoC Published
- Mar 28, 2026 EPSS Score
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score
- May 23, 2026 EPSS Score
- May 24, 2026 EPSS Score
References
- https://github.com/ellanetworks/core/security/advisories/GHSA-9h59-p45g-445h url
- https://github.com/ellanetworks/core/commit/999f606c5cae261471d9e3f063d7ecd1bd754076 url
- https://github.com/ellanetworks/core/releases/tag/v1.7.0 url
- https://nvd.nist.gov/vuln/detail/CVE-2026-33904 advisory
- https://github.com/ellanetworks/core package