A vulnerability was identified in omec-project amf up to 2.1.3-dev
A memory corruption vulnerability exists in the omec-project amf, allowing remote attackers to corrupt memory by manipulating an unknown function in the ngap/dispatcher.go file. This can cause the program to crash or execute arbitrary code. The vulnerability can be exploited by sending a crafted request to the affected component.
A vulnerability was identified in omec-project amf up to 2.1.3-dev. The affected element is an unknown function of the file ngap/dispatcher.go of the component NGAP Message Handler. The manipulation leads to memory corruption. The attack may be initiated remotely. The exploit is publicly available and might be used. Upgrading to version 2.2.0 is sufficient to fix this issue. It is suggested to upgrade the affected component. The same pull request fixes multiple security issues.
Users of the omec-project amf up to version 2.1.3-dev are at risk of remote memory corruption attacks, which can lead to denial-of-service or potentially more severe consequences.
Monitor & Review
Low severity — keep this CVE on your radar and patch during routine maintenance.
What should I do?
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
0
Affected Products
7
References
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Exploitability
Impact