Open5GS AMF远程拒绝服务漏洞(CVE待分配)

漏洞总结 漏洞概述 标题: [Bug]: Reachable assertion in message.c:build_json allows remote Denial of Service of AMF #4321 状态: Closed 报告者: ljungnickel 报告时间: Feb 19 漏洞类型: 远程拒绝服务 (Remote Denial of Service) 漏洞描述: 当接收到包含非零、不存在 GUTI 作为 SGID 的 AMF UE 的 InitialUEMessage NGAP 消息时，AMF 会崩溃。 影响范围 受影响版本: OpenSGS Release, Revision, or Tag: v2.7.0 受影响组件: AMF (Access and Mobility Management Function) 修复方案 修复者: acetcom 修复时间: Mar 10 修复内容: - 添加了一个引用此问题的提交。 - 修复了 normalize invalid reg type 和 ignore placeholder 5G-GUTI in con 的问题。 日志信息 `` item != NULL' [../lib/core/ogsi-assert.c:173] 02/18 16:15:45.044: [core] FATAL: backtrace() returned 16 addresses [../lib/core/ogsi-assert.c:37] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b319f7f99) [0x7f2b319f7f99] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b31976742) [0x7f2b31976742] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libopen5gs.so.2(0x7f2b3196f92a) [0x7f2b3196f92a] /home/fuzz/open5gs_prod/install/lib/x86_64-linux-gnu/libope

目标达成感谢每一位支持者 — 我们达成了 100% 目标！

Open5GS AMF远程拒绝服务漏洞(CVE待分配)

同源更多文章

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

Open5GS AMF远程拒绝服务漏洞(CVE待分配)

同源更多文章

目标达成感谢每一位支持者 — 我们达成了 100% 目标！