Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1jcXZ2LXIzZzMtMjZyZs4AA2nX
free5GC udm vulnerable to Invalid Curve Attack
pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt them via both its private key and the attacker's public key.
Permalink: https://github.com/advisories/GHSA-cqvv-r3g3-26rfJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1jcXZ2LXIzZzMtMjZyZs4AA2nX
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: about 1 year ago
Updated: 11 months ago
CVSS Score: 7.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Percentage: 0.00125
EPSS Percentile: 0.48552
Identifiers: GHSA-cqvv-r3g3-26rf, CVE-2023-46324
References:
- https://nvd.nist.gov/vuln/detail/CVE-2023-46324
- https://github.com/free5gc/udm/pull/20
- https://github.com/free5gc/udm/compare/v1.1.1...v1.2.0
- https://github.com/free5gc/udm/commit/5e1479cc686f058992557669b13fd3761a1b6024
- https://www.gsma.com/security/wp-content/uploads/2023/10/0073-invalid_curve.pdf
- https://github.com/advisories/GHSA-cqvv-r3g3-26rf
Blast Radius: 7.2
Affected Packages
go:github.com/free5gc/udm
Dependent packages: 0Dependent repositories: 9
Downloads:
Affected Version Ranges: < 1.2.0
Fixed in: 1.2.0
All affected versions: 1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.1.1
All unaffected versions: 1.2.0, 1.2.1, 1.2.2, 1.2.3, 1.2.4, 1.3.0