Cell Phone (iPhone, Android, windows mobile), Potential Risk of CVE

Starting from CVE-2024-34476, other design flaws have also been found, please use non-vulnerable Open5GS versions for development. (4-May-2024)

Leave a comment

Preface: The two prerequisites for running Open5GS are the Open5GS core and MongoDB. The MongoDB, a document-based database, for user equipment registration. MongoDB uses some weird special processor instruction, which is not provided in intel Celeron processor.

Background: The Access and Mobility Management Function (AMF) is one of the control plane network functions (NF) of the 5G core network (5GC). The control plane in 5G Network Architecture contains the AMF which is the first node in the control plane that connects to the gNB. And it is responsible for the access and mobility management. The SMF, that is responsible for session management.

Authentication messages are a set of NAS message involved in Athenticating UE to 5G RAN and Core Network. Mainly three NAS messages are involved : AuthenticationRequest, AuthenticationResponse. Important Information of RegistrationRequest are : Authentication Key Information.

Vulnerability details: Open5GS before 2.7.1 is vulnerable to a reachable assertion that can cause an AMF crash via NAS messages from a UE: ogs_nas_encrypt in lib/nas/common/security[.]c for pkbuf->len.

Official announcement: Please refer to the link for details – https://www.tenable.com/cve/CVE-2024-34476

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.