CVE-2023-46324: free5GC udm vulnerable to Invalid Curve Attack

October 23, 2023 (updated January 9, 2024)

pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt them via both its private key and the attacker’s public key.

References

github.com/advisories/GHSA-cqvv-r3g3-26rf
github.com/free5gc/udm/commit/5e1479cc686f058992557669b13fd3761a1b6024
github.com/free5gc/udm/compare/v1.1.1...v1.2.0
github.com/free5gc/udm/pull/20
nvd.nist.gov/vuln/detail/CVE-2023-46324

Detect and mitigate CVE-2023-46324 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →