CVE-2023-47346: A vulnerability encountered  on a 5G freeware. But do not contempt these technical factors. Perhaps it also encounter in other similar technology vendors.(14th Nov 2023)

Preface: The technology trend driven transformation in mobile communication world in global. Not only will mobile devices require more RAM to handle 5G-enabled multimedia applications and tasks, As a result, enhancing memory is key to unlocking the 5G future!

Background: The free5GC is an open-source project for 5th generation (5G) mobile core networks. The ultimate goal of this project is to implement the 5G core network (5GC) defined in 3GPP Release 15 (R15) and beyond.

What is 3GPP standard release 15? 3GPP Rel. 15 will update the MC service requirements of the railway and maritime industries. Low-power machine connectivity across trains, ships, and other automobiles will improve, leaving less room for error in critical transmissions and navigation pathway sharing.

Vulnerability details: Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages.

Official announcement: Please refer to the link for details –

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.