Vulnerabilities > CVE-2022-43223 - Memory Leak vulnerability in Open5Gs 2.4.11

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

open5gs

CWE-401

NVD

Published: 2022-11-01

Updated: 2022-11-02

Summary

open5gs v2.4.11 was discovered to contain a memory leak in the component ngap-handler.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted UE attachment.

Vulnerable Configurations

Part	Description	Count
Application	Open5Gs Open5Gs Open5Gs 2.4.11	1

Common Weakness Enumeration (CWE)

CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

References

https://github.com/ToughRunner/Open5gs_bugreport2