CVE-2023-23846
CVSS V2 None
CVSS V3 None
Description
Due to insufficient length validation in the Open5GS GTP library versions prior to versions 2.4.13 and 2.5.7, when parsing extension headers in GPRS tunneling protocol (GPTv1-U) messages, a protocol payload with any extension header length set to zero causes an infinite loop. The affected process becomes immediately unresponsive, resulting in denial of service and excessive resource consumption. CVSS3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
Overview
- CVE ID
- CVE-2023-23846
- Assigner
- disclosure@synopsys.com
- Vulnerability Status
- Analyzed
- Published Version
- 2023-02-01T03:15:08
- Last Modified Date
- 2023-02-08T15:49:43
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:* | 1 | OR | 2.4.13 | |
| cpe:2.3:a:open5gs:open5gs:2.5.6:*:*:*:*:*:*:* | 1 | OR |
References
| Reference URL | Reference Tags |
|---|---|
| https://www.synopsys.com/blogs/software-security/cyrc-advisory-open5gs-gtp-library/ | Third Party Advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-23846 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23846 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-04-17 07:01:32 | Added to TrackCVE | |||
| 2023-04-17 07:01:35 | Weakness Enumeration | new |