Submit #46980: Open5GS AMF Denial of Service

Title: Open5GS AMF Denial of Service
Description: The AMF (Access and Mobility Management Function) function of Open5GS crashes after receiving an improperly validated JSON payload (NULL BYTE). This payload is sent to an API endpoint of the AMF through the SBI interface (Namf). Due to the crash of the AMF function, the whole 5G core implementation stops working because the AMF is a key component. Therefore, this represents a Denial of Service attack. The bug comes from an improperly validated input in two source code files: lib/sbi/client.c and lib/sbi/nghttp2-server.c. The issue has been properly reported in the project's GitHub and patched by the developer. The research to discover this has been carried out by me, Pablo Valle Alvear, and my company, Titanium Industrial Security.
Source: https://github.com/open5gs/open5gs/issues/1769
User: popvlvs (ID 32693)
Submission: 25.09.2022 16:54 (2 years ago)
Moderation: 26.09.2022 08:14 (15 hours later)
Status: Accepted
VulDB Entry: 209545
