Nixpkgs security tracker
NIXPKGS-2026-1411
GitHub issue
published on
Permalink
CVE-2026-7781
4.3 MEDIUM
- CVSS version: 3.1
- Attack vector (AV):
- Attack complexity (AC):
- Privileges required (PR):
- User interaction (UI):
- Scope (S):
- Confidentiality impact (C):
- Integrity impact (I):
- Availability impact (A):
by @LeSuisse Activity log
- Created suggestion
- @LeSuisse ignored
- @LeSuisse ignored package open5gs-webui
- @LeSuisse accepted
- @LeSuisse published on GitHub
Open5GS amf-3gpp-access Endpoint nudm-handler.c udm_nudm_uecm_handle_amf_registration_update denial of service
A security vulnerability has been detected in Open5GS up to 2.7.7. Affected by this issue is the function udm_nudm_uecm_handle_amf_registration_update of the file /src/udm/nudm-handler.c of the component amf-3gpp-access Endpoint. The manipulation leads to denial of service. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.
References
-
VDB-360978 | Open5GS amf-3gpp-access Endpoint nudm-handler.c udm_nudm_uecm_handle_amf_registration_update denial of service vdb-entrytechnical-description
-
Ignored references (3)
-
-
Submit #806251 | Open5gs UDM v2.7.7 Denial of Service third-party-advisory
Affected products
Open5GS
- ==2.7.4
- ==2.7.0
- ==2.7.2
- ==2.7.5
- ==2.7.1
- ==2.7.3
- ==2.7.6
- ==2.7.7
Matching in nixpkgs
Package maintainers
-
@xddxdd Yuhui Xu <b980120@hotmail.com>
-
@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>