| Titel | Open5GS SGWC v2.7.6 Denial of Service |
|---|
| Beschreibung | SGW-C can be crashed by sending an late CreateBearerResponse on S11 under a crafted call flow. When SGW-C receives the CreateBearerResponse after the relevant UE/session context has been removed or is otherwise not found, it hits an ogs_assert(sgwc_ue) in sgwc_s11_handle_create_bearer_response, causing immediate termination of the control-plane process |
|---|
| Quelle | ⚠️ https://github.com/open5gs/open5gs/issues/4225 |
|---|
| Benutzer | ZiyuLin (UID 93568) |
|---|
| Einreichung | 31.12.2025 10:41 (vor 4 Monaten) |
|---|
| Moderieren | 16.01.2026 17:36 (16 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 341595 [Open5GS bis 2.7.6 GTPv2 Bearer Response Denial of Service] |
|---|
| Punkte | 19 |
|---|