forked from acouzens/open5gs
3cfa8ba301
In InitialUEMessage, send a NAS message with a message type other than Registration Request, Deregistration Request, or Service Request, the following messages from UE will not be accepted. We found this issue in not only the initial state but multiple states. We believe if an attacker has the ability to inject a NAS message to the core, it can perform a DoS attack on the victim UE. So, I've fixed that The MME/AMF deletes MME_UE_S1AP_ID/AMF_UE_NGAP_ID, and will not accept any following messages from the UE. |
||
---|---|---|
.. | ||
abts-main.c | ||
auth-test.c | ||
crash-test.c | ||
dereg-test.c | ||
ecc-test.c | ||
gmm-status-test.c | ||
guti-test.c | ||
identity-test.c | ||
idle-test.c | ||
meson.build | ||
multi-ue-test.c | ||
reset-test.c | ||
simple-test.c | ||
ue-context-test.c |