CVE-2024-24451

Published: Jan 21, 2025Modified: Jun 17, 2026Deferred

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A stack overflow in the sctp_server::sctp_receiver_thread component of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) by repeatedly establishing SCTP connections with the N2 interface.

Related CWEs

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (3)

http://openairinterface.com

Source: cve@mitre.org

https://cellularsecurity.org/ransacked

Source: cve@mitre.org

https://cellularsecurity.org/ransacked

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Timeline

No history available yet.