Nixpkgs Security Tracker

Dismissed

Permalink CVE-2025-15532

updated 1 month ago by @LeSuisse Activity log

Created automatic suggestion 1 month ago
@LeSuisse removed package open5gs-webui 1 month ago
@LeSuisse dismissed 1 month ago

Open5GS Timer resource consumption

A security flaw has been discovered in Open5GS up to 2.7.5. This issue affects some unknown processing of the component Timer Handler. The manipulation results in resource consumption. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The patch is identified as c7c131f8d2cb1195ada5e0e691b6868ebcd8a845. It is best practice to apply a patch to resolve this issue.

Affected products

Open5GS

==2.7.3
==2.7.5
==2.7.0
==2.7.4
==2.7.1
==2.7.2

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

nixos-unstable 2.7.6
- nixpkgs-unstable 2.7.6
- nixos-unstable-small 2.7.6

Package maintainers

@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>

Current stable was never affected

https://github.com/NixOS/nixpkgs/commit/f66adc76c1ad6cd711af7267eea214e09e9515ee

Suggestion detail

Affected products

Matching in nixpkgs

pkgs.open5gs

Package maintainers