CVE-2024-24425: n/a
Magma v1.8.0 and OAI EPC Federation v1.20 were discovered to contain an out-of-bounds read in the amf_as_establish_req function at /tasks/amf/amf_as.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.
AI Analysis
Technical Summary
CVE-2024-24425 is a vulnerability identified in Magma version 1.8.0 and OAI EPC Federation version 1.20, both of which are open-source implementations of 5G core network components. The flaw exists in the amf_as_establish_req function located in the /tasks/amf/amf_as.cpp source file, where an out-of-bounds read occurs due to insufficient bounds checking when processing NAS (Non-Access Stratum) packets. Specifically, the vulnerability is classified under CWE-125 (Out-of-bounds Read), indicating that the software reads data outside the intended buffer boundaries, which can lead to undefined behavior. An attacker can exploit this vulnerability by sending a crafted NAS packet to the affected AMF (Access and Mobility Management Function) component, triggering a denial of service (DoS) condition by causing the process to crash or become unresponsive. The attack vector is network-based, requiring no privileges but some user interaction in the form of sending the malicious packet. The CVSS 3.1 base score is 6.5, indicating a medium severity level. No known exploits have been reported in the wild, and no official patches or fixes have been published at the time of disclosure. This vulnerability affects critical 5G core network infrastructure, potentially disrupting mobile network services that rely on these open-source platforms. The root cause is inadequate input validation and error handling in the NAS message processing code, which should be addressed by implementing proper bounds checks and robust parsing logic.
Potential Impact
The primary impact of CVE-2024-24425 is a denial of service (DoS) condition on 5G core network components, specifically the AMF function within Magma and OAI EPC Federation deployments. This can lead to service outages or degraded network availability, affecting mobile subscribers' ability to connect, authenticate, or maintain sessions. For telecom operators and infrastructure providers, such disruptions can result in customer dissatisfaction, regulatory penalties, and financial losses. Given that Magma and OAI EPC Federation are used globally in both commercial and experimental 5G networks, the scope of impact can be significant, especially in regions relying on open-source solutions for cost-effective network deployment. The vulnerability does not directly compromise confidentiality or integrity but undermines network reliability and availability, which are critical for telecom services. Additionally, repeated exploitation attempts could increase operational costs due to incident response and mitigation efforts. While no known exploits exist currently, the medium CVSS score and ease of exploitation over the network make this a credible threat that requires timely attention.
Mitigation Recommendations
To mitigate CVE-2024-24425, organizations should implement the following specific measures:

1) Apply patches or updates from Magma and OAI EPC Federation maintainers as soon as they become available, ensuring the amf_as_establish_req function includes proper bounds checking and input validation.
2) Conduct thorough code audits and static analysis on NAS message handling components to identify and remediate similar out-of-bounds read vulnerabilities.
3) Deploy network-level filtering and intrusion detection systems (IDS) to monitor and block malformed or suspicious NAS packets targeting the AMF interface.
4) Implement rate limiting and anomaly detection on NAS traffic to reduce the risk of DoS attacks exploiting this vulnerability.
5) Maintain strict segmentation and access controls on 5G core network elements to limit exposure to untrusted networks.
6) Establish incident response procedures to quickly detect and recover from service disruptions caused by malformed NAS packets.
7) Engage with the open-source community and vendors to track vulnerability disclosures and coordinate timely remediation.

These targeted actions go beyond generic advice by focusing on the specific protocol and code areas involved in this vulnerability.
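The bounds checking named in the root-cause statement and in the first mitigation item, shown as an added example (not code from Magma or OAI EPC Federation): a length-checked cursor decoding the start of a plain 5GMM Registration Request. The page does not say which field amf_as_establish_req over-reads, so the message chosen, `Reader`, `RegistrationRequest` and `parse_registration_request` are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Cursor over the received bytes; every read is checked against what remains.
class Reader {
 public:
  Reader(const uint8_t* data, size_t len) : p_(data), left_(len) {}
  bool u8(uint8_t& out) {
    if (left_ < 1) return false;
    out = *p_++; --left_;
    return true;
  }
  bool u16(uint16_t& out) {  // big-endian, as on the wire
    if (left_ < 2) return false;
    out = static_cast<uint16_t>((p_[0] << 8) | p_[1]);
    p_ += 2; left_ -= 2;
    return true;
  }
  // Copy n bytes only when the declared length fits in the bytes received.
  bool bytes(size_t n, std::vector<uint8_t>& out) {
    if (n > left_) return false;
    out.assign(p_, p_ + n);
    p_ += n; left_ -= n;
    return true;
  }
 private:
  const uint8_t* p_;
  size_t left_;
};

struct RegistrationRequest {  // hypothetical holder for the decoded fields
  uint8_t reg_type_ksi = 0;
  std::vector<uint8_t> mobile_identity;
};

// Returns false (message rejected) instead of reading past the buffer.
bool parse_registration_request(const uint8_t* data, size_t len,
                                RegistrationRequest& msg) {
  Reader r(data, len);
  uint8_t epd = 0, sec = 0, type = 0;
  uint16_t id_len = 0;
  return r.u8(epd) && epd == 0x7E            // 5GMM protocol discriminator
      && r.u8(sec) && (sec & 0x0F) == 0x00   // plain NAS, no security header
      && r.u8(type) && type == 0x41          // Registration request
      && r.u8(msg.reg_type_ksi)
      && r.u16(id_len) && id_len > 0
      && r.bytes(id_len, msg.mobile_identity);
}
```

A message whose declared mobile identity length exceeds the bytes actually received is rejected at `bytes()`, which is the condition a CWE-125 fix has to enforce before any copy or field access.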
Affected Countries
United States, Germany, France, Japan, South Korea, India, United Kingdom, Canada, Australia, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2024-01-25T00:00:00.000Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 699f6d5ab7ef31ef0b570a37
Added to database: 2/25/2026, 9:44:58 PM
Last enriched: 2/26/2026, 10:25:40 AM
Last updated: 4/12/2026, 3:35:20 PM