CVE-2025-29632: Buffer Overflow vulnerability in Free5gc v.4.0.0 allows a remote attacker to cause a denial of service via the AMF, NGAP, security.go,...

Description

A buffer overflow vulnerability in Free5gc v.4.0.0 allows a remote attacker to cause a denial of service via the AMF, NGAP, security.go, handler_generated.go, handleInitialUEMessageMain, DecodePlainNasNoIntegrityCheck, and GetSecurityHeaderType components.

Classification

CVE ID: CVE-2025-29632

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 15.24% (share of scored vulnerabilities with an EPSS score less than or equal to this one)

EPSS Date: 2025-06-08 (date on which this score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-29632
https://github.com/free5gc/free5gc/issues/657
https://github.com/OHnogood/CVE-2025-29632/

Timeline