CVE-2025-25774: Open5gs Missing Npcf Am Policy Control Case
Missing handler for OGS_SBI_SERVICE_NAME_NPCF_AM_POLICY_CONTROL in the gmm_state_authentication function. An unexpected AM Policy Control response causes the AMF to hit a DEFAULT case that invokes ogs_assert_if_reached(), leading to a Denial of Service.
Provally CuratedPublic repositoryHighMedium confidenceVerifiedApache-2.0
Cβ
Cβgreprules fetch cve-2025-25774-open5gs-missing-npcf-am-policy-control-case --engine opengrepDescription
Missing handler for OGS_SBI_SERVICE_NAME_NPCF_AM_POLICY_CONTROL in the gmm_state_authentication function. An unexpected AM Policy Control response causes the AMF to hit a DEFAULT case that invokes ogs_assert_if_reached(), leading to a Denial of Service.
Community feedback
0 signals from signed-in users.
- Useful
- 0
- False positive
- 0
- Metadata
- 0