CVE-2023-47345: Buffer Overflow
First published: Wed Nov 15 2023(Updated: )
Buffer Overflow vulnerability in free5gc 3.3.0 allows attackers to cause a denial of service via crafted PFCP message with malformed PFCP Heartbeat message whose Recovery Time Stamp IE length is mutated to zero.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| go/github.com/free5gc/free5gc | <=3.3.0 | |
| Free5gc Free5gc | =3.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-47345?
CVE-2023-47345 is a buffer overflow vulnerability in free5gc 3.3.0 that allows attackers to cause a denial of service by sending a crafted PFCP message with a malformed PFCP Heartbeat message.
How does CVE-2023-47345 impact the affected software?
CVE-2023-47345 can cause a denial of service in free5gc 3.3.0.
What is the severity of CVE-2023-47345?
The severity of CVE-2023-47345 is not specified.
How can I fix CVE-2023-47345?
There is currently no known fix for CVE-2023-47345. It is recommended to update to a fixed version of the software when it becomes available.
Where can I find more information about CVE-2023-47345?
You can find more information about CVE-2023-47345 on the NIST NVD website and the GitHub repository for free5gc.
- collector/mitre-cve
- collector/nvd-api
- collector/github-advisory-latest
- alias/GHSA-6944-6pmv-6mp2
- alias/CVE-2023-47345
- collector/nvd-cve
- collector/github-advisory
- agent/weakness
- agent/type
- agent/event
- vendor/free5gc
- canonical/free5gc free5gc
- version/free5gc free5gc/3.3.0
- package-manager/go