CVE-2022-43221: n/a in n/a
open5gs v2.4.11 was discovered to contain a memory leak in the component src/upf/pfcp-path.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PFCP packet.
AI Analysis
Technical Summary
CVE-2022-43221 is a high-severity vulnerability identified in open5gs version 2.4.11, specifically within the UPF (User Plane Function) component's PFCP (Packet Forwarding Control Protocol) implementation, located in the source file src/upf/pfcp-path.c. The vulnerability is a memory leak (classified under CWE-401), which occurs when the system fails to properly release allocated memory after processing certain PFCP packets. An attacker can exploit this flaw by sending crafted PFCP packets to the affected UPF component, causing it to consume increasing amounts of memory over time. This resource exhaustion can lead to a Denial of Service (DoS) condition, where the UPF becomes unresponsive or crashes, disrupting the user plane traffic in 5G core networks. The vulnerability requires no authentication or user interaction and can be exploited remotely over the network, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). Although no known exploits are reported in the wild, the vulnerability's nature and ease of exploitation make it a significant risk for operators using open5gs 2.4.11 in their 5G infrastructure. The UPF is critical in 5G networks as it handles data forwarding and traffic routing between the radio access network and external data networks, so its disruption can severely impact network availability and service continuity.
Potential Impact
For European organizations, especially telecom operators and enterprises deploying private 5G networks using open5gs, this vulnerability poses a substantial risk to network stability and service availability. A successful exploitation could result in partial or complete denial of user plane services, affecting end-user connectivity, data throughput, and overall network performance. This can lead to customer dissatisfaction, financial losses, and potential regulatory scrutiny under EU data protection and telecom regulations. Critical infrastructure relying on 5G connectivity, such as smart factories, healthcare systems, and transportation networks, could experience operational disruptions. Additionally, the DoS condition could be leveraged as part of a broader attack strategy to degrade network services during geopolitical tensions or cyber conflict scenarios affecting Europe.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should prioritize upgrading open5gs to a version in which this memory leak is patched, once one is available. In the interim, network administrators should implement strict network segmentation and filtering to restrict PFCP traffic to trusted sources only, minimizing exposure to untrusted networks. Deploying anomaly detection systems that monitor PFCP traffic patterns can help identify and block suspicious or malformed packets indicative of exploitation attempts. Resource limits and rate limiting on PFCP packet processing within the UPF can reduce the risk of memory exhaustion. Regular memory usage monitoring and automated alerts for unusual consumption spikes will enable rapid incident response. Additionally, organizations should engage with the open5gs community or vendors for patches or workarounds and incorporate this vulnerability into their vulnerability management and incident response plans.
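The memory-monitoring recommendation above, as an added example that is not part of the original advisory or of open5gs: a check that flags sustained resident-memory growth in the UPF process, the signature of a leak, while ignoring a single spike. The thresholds, function names and sample data are assumptions chosen for illustration.

```python
"""Leak-trend check for a UPF process: flags sustained RSS growth, not one-off spikes."""
import re
from pathlib import Path


def read_rss_kib(pid):
    """Return VmRSS of `pid` in KiB, read from /proc/<pid>/status (Linux only)."""
    text = Path(f"/proc/{pid}/status").read_text()
    m = re.search(r"^VmRSS:\s+(\d+)\s+kB", text, re.M)
    if m is None:
        raise RuntimeError(f"no VmRSS entry for pid {pid}")
    return int(m.group(1))


def growth_kib_per_min(samples):
    """Least-squares slope of (seconds, rss_kib) samples, in KiB per minute."""
    n = len(samples)
    mean_t = sum(t for t, _ in samples) / n
    mean_r = sum(r for _, r in samples) / n
    var_t = sum((t - mean_t) ** 2 for t, _ in samples)
    if var_t == 0:
        return 0.0
    cov = sum((t - mean_t) * (r - mean_r) for t, r in samples)
    return 60.0 * cov / var_t


def leak_suspected(samples, min_slope=512.0, min_rising=0.8):
    """True when RSS trends upward by at least min_slope KiB/min AND most
    consecutive samples rise. The second condition rejects a single spike,
    which can produce a positive slope without any ongoing leak.
    Both thresholds are assumed values; tune them per deployment."""
    if len(samples) < 5:
        return False  # too few points to call a trend
    rising = sum(b[1] > a[1] for a, b in zip(samples, samples[1:]))
    return (growth_kib_per_min(samples) >= min_slope
            and rising / (len(samples) - 1) >= min_rising)


# Constructed samples: (seconds since start, RSS in KiB), one per minute.
LEAKING = [(60 * i, 80_000 + 2_000 * i) for i in range(10)]
SPIKE = [(60 * i, 80_000 + (40_000 if i == 5 else 0)) for i in range(10)]
STEADY = [(60 * i, 80_000 + (i % 2) * 300) for i in range(10)]
```

In production the samples would come from calling `read_rss_kib` on the UPF process at a fixed interval, with the result of `leak_suspected` feeding the alerting pipeline.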
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Sweden, Finland, Poland, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2022-10-17T00:00:00.000Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682d9837c4522896dcbeb7e2
Added to database: 5/21/2025, 9:09:11 AM
Last enriched: 7/3/2025, 6:40:13 AM
Last updated: 8/12/2025, 1:31:09 AM