Vulnerability in Free5gc Amf

CVE-2025-69248

free5GC is an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 of free5GC's AMF service have a Buffer Overflow vulnerability leading to Denial of Service. Remote unauthenticated attackers…

EPSS: 0.005 (65.3th percentile) — read the EPSS interpretation.

Affected products

Free5gc Amf — versions <= 1.4.1

Weakness classification (CWE)

CWE-129 — Improper Validation of Array Index

References

https://github.com/free5gc/free5gc/security/advisories/GHSA-h6xc-8vvf-jcjp (x_refsource_CONFIRM)
https://github.com/free5gc/free5gc/issues/747 (x_refsource_MISC)
https://github.com/free5gc/nas/pull/43 (x_refsource_MISC)
https://github.com/free5gc/nas/commit/0329a7ac3f314f210366c1b3c33dc29eded4ac5f (x_refsource_MISC)