Submit #621282: Open5GS <=2.7.5 Reachable Assertioninfo

TitleOpen5GS <=2.7.5 Reachable Assertion
DescriptionIn Open5GS versions ≤2.7.5, improper state validation during SM context release while in security mode triggers a fatal assertion, causing AMF service crashes. This allows malicious UEs to disrupt core network availability via malformed NAS messages.
Source⚠️ https://github.com/open5gs/open5gs/issues/4012 / https://github.com/open5gs/open5gs/commit/66bc558e417e70ae216ec155e4e81c14ae0ecf30
User
 SQ0409 (UID 85579)
Submission07/23/2025 08:15 (9 months ago)
Moderation08/07/2025 12:50 (15 days later)
StatusAccepted
VulDB entry319128 [Open5GS up to 2.7.5 AMF Service src/amf/nsmf-handler.c amf_nsmf_pdusession_handle_release_sm_context assertion]
Points17

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!