CVE Vulnerabilities

CVE-2025-25774

Insufficient Control Flow Management

Published: Mar 12, 2025 | Modified: Mar 12, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

An issue was discovered in Open5GS v2.7.2. When a UE switches between two gNBs and sends a handover request at a specific time, it may cause an exception in the AMFs internal state machine, leading to an AMF crash and resulting in a Denial of Service (DoS).

Weakness

The code does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways.

References