CVE-2024-24447 in oai-cn5g-amf

Summary

by MITRE • 11/15/2024

A buffer overflow in the ngap_amf_handle_pdu_session_resource_setup_response function of oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a PDU Session Resource Setup Response with an empty Response Item list.


Analysis

by VulDB Data Team • 11/15/2024

The vulnerability identified as CVE-2024-24447 represents a critical buffer overflow condition within the oai-cn5g-amf software component, specifically within the ngap_amf_handle_pdu_session_resource_setup_response function. This flaw exists in versions up to v2.0.0 of the OpenAirInterface 5G core network Access and Mobility Management Function (AMF), which serves as a crucial element in 5G network infrastructure for handling signaling between the gNodeB and the AMF. The issue stems from inadequate input validation when processing PDU Session Resource Setup Response messages, creating a scenario where malicious actors can exploit the system through crafted network traffic.

The technical exploitation of this vulnerability occurs when an attacker sends a PDU Session Resource Setup Response message containing an empty Response Item list to the affected AMF component. The ngap_amf_handle_pdu_session_resource_setup_response function fails to properly validate the length and content of the response item list before attempting to process or store this data in allocated memory buffers. This lack of proper bounds checking creates a classic buffer overflow condition where the system attempts to write data beyond the allocated buffer boundaries, potentially leading to memory corruption and system instability. The vulnerability aligns with CWE-121, which describes stack-based buffer overflow conditions, and represents a significant concern for 5G network security due to the critical role of AMF components in network signaling and session management.
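The missing length check described above, shown as an added C example; it is not code from oai-cn5g-amf. The struct types, function names and the 4-entry buffer are hypothetical, modelling a decoded item list as a pointer array plus a count.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins for a decoded SEQUENCE OF (pointer array plus
 * count); these are not the project's real types. */
typedef struct { uint8_t pdu_session_id; } setup_item_t;
typedef struct { setup_item_t **array; int count; } setup_item_list_t;
enum { ITEMS_OK = 0, ITEMS_EMPTY = -1, ITEMS_TOO_MANY = -2, ITEMS_BAD_ENTRY = -3 };

/* Unsafe pattern, shown for contrast and never called: it assumes at
 * least one item was decoded, so an empty list makes array[0] invalid. */
int first_session_id_unchecked(const setup_item_list_t *l) {
    return l->array[0]->pdu_session_id;
}

/* Hardened form: validate the list before touching any element, and
 * bound the copy by the caller's buffer capacity, not by the message. */
int collect_session_ids(const setup_item_list_t *l, uint8_t *out,
                        size_t cap, size_t *n_out) {
    *n_out = 0;
    if (l == NULL || l->array == NULL || l->count <= 0)
        return ITEMS_EMPTY;        /* the empty Response Item list case */
    if ((size_t)l->count > cap)
        return ITEMS_TOO_MANY;     /* would overflow the caller's buffer */
    for (int i = 0; i < l->count; i++) {
        if (l->array[i] == NULL)
            return ITEMS_BAD_ENTRY;
        out[i] = l->array[i]->pdu_session_id;
    }
    *n_out = (size_t)l->count;
    return ITEMS_OK;
}

/* Constructed input: a list of `count` items (0..8) checked against a
 * 4-entry stack buffer, as a handler with a fixed local array would use. */
int run_case(int count) {
    setup_item_t items[8], *ptrs[8];
    uint8_t ids[4];
    size_t n = 0;
    for (int i = 0; i < 8; i++) { items[i].pdu_session_id = (uint8_t)(i + 1); ptrs[i] = &items[i]; }
    setup_item_list_t l = { count > 0 ? ptrs : NULL, count };
    return collect_session_ids(&l, ids, sizeof ids, &n);
}

int main(void) {
    printf("empty=%d two=%d six=%d\n", run_case(0), run_case(2), run_case(6));
    return 0;
}
```

A handler built this way rejects the message and returns an error to its caller instead of indexing into a list the peer left empty.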

The operational impact of this vulnerability extends beyond simple denial of service, as it can potentially compromise the entire 5G core network functionality managed by the affected AMF instance. When exploited, the buffer overflow can cause the AMF process to crash or become unresponsive, leading to complete disruption of PDU session establishment procedures for mobile users within the network coverage area. This disruption affects not only service availability but also impacts the overall network reliability and user experience, as users may experience connection failures or service interruptions during critical communication sessions. Network operators relying on the affected oai-cn5g-amf version face potential revenue loss and service degradation issues, particularly in environments where continuous connectivity is essential for mission-critical applications.

Mitigation strategies for CVE-2024-24447 should prioritize immediate software updates to versions beyond v2.0.0 where the buffer overflow has been addressed through proper input validation and memory management. Network administrators should implement network monitoring solutions to detect anomalous PDU Session Resource Setup Response messages that could indicate exploitation attempts, utilizing intrusion detection systems that can identify malformed signaling traffic patterns. The ATT&CK framework categorizes this vulnerability under T1499.004 for network denial of service, making it a significant concern for threat actors seeking to disrupt 5G network operations. Additionally, implementing network segmentation and access controls around the AMF components can limit the attack surface, while regular security assessments and penetration testing should be conducted to identify similar vulnerabilities in other network functions that may be susceptible to similar buffer overflow conditions.

Responsible

MITRE

Reservation

01/25/2024

Disclosure

11/15/2024

Moderation

accepted

CPE

ready

EPSS

0.00500

KEV

no

Activities

very low
