NULL pointer dereference in Free5gc Ausf
CVE-2026-33063
free5GC is an open source 5G core network. free5GC AUSF prior to version 1.4.2 has is an Improper Null Check vulnerability leading to Denial of Service. All deployments of free5GC v4.0.1 using the AUSF UE authentication service (`/nausf-au…
EPSS: 0.001 (34.6th percentile) — read the EPSS interpretation.
Affected products
- Free5gc Ausf — versions < 1.4.2
Weakness classification (CWE)
References
- https://github.com/free5gc/free5gc/security/advisories/GHSA-4jrw-92fg-4jwx (x_refsource_CONFIRM)
- https://github.com/free5gc/free5gc/issues/778 (x_refsource_MISC)
- https://github.com/free5gc/ausf/pull/52 (x_refsource_MISC)
- https://github.com/free5gc/ausf/commit/3b9ac4403c2756dc89a5ed3cdcefe688458588aa (x_refsource_MISC)