CVE-2025-56568

Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF (Session Management Function) component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol configu...

none

Published: Apr 30, 2026

Modified: May 1, 2026

Description

Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF (Session Management Function) component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol configuration data.

References

https://github.com/open5gs/open5gs/commit/d7707879c943d2c952235382154d835b5849d54e
https://github.com/open5gs/open5gs/issues/3969