CVE-2025-29646

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
18/06/2025
Last modified:
09/07/2025

Description

An issue in upf in open5gs 2.7.2 and earlier allows a remote attacker to cause a Denial of Service via a crafted PFCP SessionEstablishmentRequest packet with restoration indication = true and (teid = 0 or teid >= ogs_pfcp_pdr_teid_pool.size).

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:* 2.7.2 (including)