Nixpkgs security tracker

Login with GitHub

Suggestion detail

Untriaged
Permalink CVE-2026-1737
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV):
  • Attack complexity (AC):
  • Privileges required (PR):
  • User interaction (UI):
  • Scope (S):
  • Confidentiality impact (C):
  • Integrity impact (I):
  • Availability impact (A):
created 2 months, 3 weeks ago Activity log
  • Created suggestion 2 months, 3 weeks ago
Open5GS CreateBearerRequest s5c-handler.c sgwc_s5c_handle_create_bearer_request assertion

A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function sgwc_s5c_handle_create_bearer_request of the file /src/sgwc/s5c-handler.c of the component CreateBearerRequest Handler. Performing a manipulation results in reachable assertion. Remote exploitation of the attack is possible. The exploit is now public and may be used. To fix this issue, it is recommended to deploy a patch. The issue report is flagged as already-fixed.

Affected products

Open5GS
  • ==2.7.5
  • ==2.7.6
  • ==2.7.1
  • ==2.7.2
  • ==2.7.4
  • ==2.7.3
  • ==2.7.0

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

  • nixos-unstable 2.7.6
    • nixpkgs-unstable 2.7.6
    • nixos-unstable-small 2.7.6
  • nixos-25.11 -
    • nixos-25.11-small 2.7.6
    • nixpkgs-25.11-darwin 2.7.6

Package maintainers