open5gs

History

Sukchan Lee 3cfa8ba301 [AMF/MME] NAS message in an invaild state (#3131 ) In InitialUEMessage, send a NAS message with a message type other than Registration Request, Deregistration Request, or Service Request, the following messages from UE will not be accepted. We found this issue in not only the initial state but multiple states. We believe if an attacker has the ability to inject a NAS message to the core, it can perform a DoS attack on the victim UE. So, I've fixed that The MME/AMF deletes MME_UE_S1AP_ID/AMF_UE_NGAP_ID, and will not accept any following messages from the UE.		2024-04-13 13:25:09 +09:00
..
abts-main.c	[AMF] Fixed crash in no context setup (#2999 )	2024-03-04 21:03:07 +09:00
auth-test.c	[AMF/MME] UEContextReleaseCommand after Interity Protected (#2786 ) (#2794 )	2023-12-13 17:54:37 +09:00
crash-test.c	[SEC] Vulnerabilities have been resolved (#2945 )	2024-03-06 07:20:50 +09:00
dereg-test.c	[AMF/SMF] Resolved the Issue of Session Release Based on the Order of N1/N2 Messages (#2917 )	2024-02-03 09:42:09 +09:00
ecc-test.c	Introduced Subscription identifier de-concealing	2022-12-24 20:22:45 +09:00
gmm-status-test.c	[AMF/MME] No STATE Change for the EMM/GMM-STATUS	2024-02-03 10:16:16 +09:00
guti-test.c	[MME/AMF] Fixed crash following Handover Request (#3014 )	2024-02-29 23:02:38 +09:00
identity-test.c	[AMF/MME] NAS message in an invaild state (#3131 )	2024-04-13 13:25:09 +09:00
idle-test.c	[MME/AMF] Fixed crash following Handover Request (#3014 )	2024-02-29 23:02:38 +09:00
meson.build	[AMF] Fixed crash in no context setup (#2999 )	2024-03-04 21:03:07 +09:00
multi-ue-test.c	[AMF] Fixed MEMORY LEAK (#1925 )	2023-01-21 09:02:44 +09:00
reset-test.c	Introduced Subscription identifier de-concealing	2022-12-24 20:22:45 +09:00
simple-test.c	Introduced Subscription identifier de-concealing	2022-12-24 20:22:45 +09:00
ue-context-test.c	[AMF/MME] UEContextReleaseCommand after Interity Protected (#2786 ) (#2794 )	2023-12-13 17:54:37 +09:00