Nixpkgs Security Tracker

Dismissed

Permalink CVE-2025-15531

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month ago
@LeSuisse removed package open5gs-webui 1 month ago
@LeSuisse dismissed 1 month ago

Open5GS context.c sgwc_bearer_add assertion

A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwc_bearer_add of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The issue report is flagged as already-fixed.

Affected products

Open5GS

==2.7.3
==2.7.5
==2.7.0
==2.7.4
==2.7.1
==2.7.2

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

nixos-unstable 2.7.6
- nixpkgs-unstable 2.7.6
- nixos-unstable-small 2.7.6

Package maintainers

@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>

Current stable was never affected

https://github.com/NixOS/nixpkgs/commit/f66adc76c1ad6cd711af7267eea214e09e9515ee

Suggestion detail

Affected products

Matching in nixpkgs

pkgs.open5gs

Package maintainers