Skip to main content

CVE-2022-43221: n/a in n/a

High
VulnerabilityCVE-2022-43221cvecve-2022-43221
Published: Tue Nov 01 2022 (11/01/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

open5gs v2.4.11 was discovered to contain a memory leak in the component src/upf/pfcp-path.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PFCP packet.

AI-Powered Analysis

AILast updated: 07/03/2025, 06:40:13 UTC

Technical Analysis

CVE-2022-43221 is a high-severity vulnerability identified in open5gs version 2.4.11, specifically within the UPF (User Plane Function) component's PFCP (Packet Forwarding Control Protocol) implementation, located in the source file src/upf/pfcp-path.c. The vulnerability is a memory leak (classified under CWE-401), which occurs when the system fails to properly release allocated memory after processing certain PFCP packets. An attacker can exploit this flaw by sending crafted PFCP packets to the affected UPF component, causing it to consume increasing amounts of memory over time. This resource exhaustion can lead to a Denial of Service (DoS) condition, where the UPF becomes unresponsive or crashes, disrupting the user plane traffic in 5G core networks. The vulnerability requires no authentication or user interaction and can be exploited remotely over the network, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). Although no known exploits are reported in the wild, the vulnerability's nature and ease of exploitation make it a significant risk for operators using open5gs 2.4.11 in their 5G infrastructure. The UPF is critical in 5G networks as it handles data forwarding and traffic routing between the radio access network and external data networks, so its disruption can severely impact network availability and service continuity.

Potential Impact

For European organizations, especially telecom operators and enterprises deploying private 5G networks using open5gs, this vulnerability poses a substantial risk to network stability and service availability. A successful exploitation could result in partial or complete denial of user plane services, affecting end-user connectivity, data throughput, and overall network performance. This can lead to customer dissatisfaction, financial losses, and potential regulatory scrutiny under EU data protection and telecom regulations. Critical infrastructure relying on 5G connectivity, such as smart factories, healthcare systems, and transportation networks, could experience operational disruptions. Additionally, the DoS condition could be leveraged as part of a broader attack strategy to degrade network services during geopolitical tensions or cyber conflict scenarios affecting Europe.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should prioritize upgrading open5gs to a version where this memory leak is patched once available. In the interim, network administrators should implement strict network segmentation and filtering to restrict PFCP traffic to trusted sources only, minimizing exposure to untrusted networks. Deploying anomaly detection systems that monitor PFCP traffic patterns can help identify and block suspicious or malformed packets indicative of exploitation attempts. Resource limits and rate limiting on PFCP packet processing within the UPF can reduce the risk of memory exhaustion. Regular memory usage monitoring and automated alerts for unusual consumption spikes will enable rapid incident response. Additionally, organizations should engage with open5gs community or vendors for patches or workarounds and incorporate this vulnerability into their vulnerability management and incident response plans.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2022-10-17T00:00:00.000Z
Cisa Enriched
true
Cvss Version
3.1
State
PUBLISHED

Threat ID: 682d9837c4522896dcbeb7e2

Added to database: 5/21/2025, 9:09:11 AM

Last enriched: 7/3/2025, 6:40:13 AM

Last updated: 8/9/2025, 3:55:01 AM

Views: 14

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats