CVE-2022-43677

Published: Oct 24, 2022
Updated: Dec 9, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-43677" target="_blank" rel="noopener"> CVE-2022-43677
GHSA: <a href="https://github.com/advisories/GHSA-59hj-62f5-fgmc" target="_blank" rel="noopener"> GHSA-59hj-62f5-fgmc
Severity: Medium
Exploit:

In free5GC 3.2.1, a malformed NGAP message can crash the AMF and NGAP decoders via an index-out-of-range panic in aper.GetBitString.

CVSS v3:

No CWE or OWASP classifications available.

Software	From	Fixed in
free5gc / free5gc	3.2.1	3.2.1.x
github.com/free5gc/free5gc	-	3.2.1.x