CVE-2023-47345: free5gc Buffer Overflow vulnerability

November 16, 2023

Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP message with malformed PFCP Heartbeat message whose Recovery Time Stamp IE length is mutated to zero.

References

github.com/advisories/GHSA-6944-6pmv-6mp2
github.com/free5gc/free5gc/issues/483
nvd.nist.gov/vuln/detail/CVE-2023-47345

Code Behaviors & Features

Detect and mitigate CVE-2023-47345 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →