Skip to main content

CVE-2026-30075

| EUVDEUVD-2026-20509 HIGH
Classic Buffer Overflow (CWE-120)
2026-04-08 mitre
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Apr 08, 2026 - 17:16 euvd
EUVD-2026-20509
Analysis Generated
Apr 08, 2026 - 17:16 vuln.today
CVE Published
Apr 08, 2026 - 00:00 nvd
HIGH 7.5

DescriptionCVE.org

OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing UplinkNASTransport containing Authentication Response containing a NAS PDU with oversize response (For example 100 byte). The response is decoded by AMF and passed to the AUSF component for verification. AUSF crashes on receiving this oversize response. This can prohibit users from further registration and verification and can cause Denial of Services (DoS).

AnalysisAI

Buffer overflow in OpenAirInterface 2.2.0 AUSF component crashes service when processing oversized NAS PDU Authentication Response via UplinkNASTransport messages. Unauthenticated remote attackers can send malformed authentication responses (e.g., 100-byte payloads exceeding expected bounds) triggering AUSF component crash, preventing legitimate user registration and verification. Affects 5G core network deployments using OpenAirInterface AUSF. No public exploit identified at time of analysis. CVSS 7.5 High severity due to network-accessible denial of service without authentication requirements.

Technical ContextAI

CWE-120 buffer overflow occurs in AUSF component's NAS PDU decoder when processing Authentication Response messages exceeding expected buffer size. AMF forwards oversized response to AUSF without validation, triggering memory corruption and component crash. Affects cn5g-ausf implementation in OpenAirInterface 5G Core Network stack.

RemediationAI

Review vendor issue tracker at https://gitlab.eurecom.fr/oai/cn5g/oai-cn5g-ausf/-/issues/6 for upstream fix status. Upstream fix available (issue #6); released patched version not independently confirmed at time of analysis. Recommended immediate actions: implement network-level input validation filtering oversized NAS PDU messages before reaching AUSF component, deploy rate limiting on UplinkNASTransport processing, monitor AUSF component health with automatic restart capability. For production 5G core deployments, isolate AUSF component with strict firewall rules permitting only authenticated AMF traffic. Consult official advisory at https://nvd.nist.gov/vuln/detail/CVE-2026-30075 for vendor updates. Subscribe to OpenAirInterface security notifications for patched release announcements.

Share

CVE-2026-30075 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy