| 标题 | Linux Foundation free5GC 4.1.0 Denial of Service |
|---|
| 描述 | free5GC AMF crashes when it receives an out-of-sequence NAS message during the registration procedure.
Specifically, after the AMF enters the state Waiting for IdentityResponse (after processing Security Mode Complete), sending a UplinkNASTransport that carries a Registration Complete NAS message causes the AMF process to crash.
This appears to be a missing state/transition validation (or missing nil/defensive checks) for handling Registration Complete when the UE has not yet completed the expected Identity Response step. |
|---|
| 来源 | ⚠️ https://github.com/free5gc/free5gc/issues/792 |
|---|
| 用户 | shovon0203 (UID 96191) |
|---|
| 提交 | 2026-03-06 16時46分 (2 月前) |
|---|
| 管理 | 2026-03-21 08時47分 (15 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 352319 [Free5GC 4.1.0 AMF internal/gmm/handler.go HandleRegistrationComplete 拒绝服务] |
|---|
| 积分 | 20 |
|---|