CVE-2024-37877: n/a
UERANSIM before 3.2.6 allows out-of-bounds read when an RLS packet is sent to gNodeB with malformed PDU length. This occurs in function readOctetString in src/utils/octet_view.cpp and in function DecodeRlsMessage in src/lib/rls/rls_pdu.cpp.
AI Analysis
Technical Summary
CVE-2024-37877 is a vulnerability identified in UERANSIM, an open-source 5G core network simulator, affecting versions prior to 3.2.6. The issue is an out-of-bounds read triggered when a malformed RLS (Radio Link Status) packet is sent to a gNodeB component with an incorrect Protocol Data Unit (PDU) length. Specifically, the vulnerability arises in the readOctetString function located in src/utils/octet_view.cpp and the DecodeRlsMessage function in src/lib/rls/rls_pdu.cpp. These functions improperly handle the length field of the RLS packet, leading to reading memory beyond the intended buffer boundaries (CWE-125). This can cause leakage of memory contents, potentially exposing sensitive information or causing application instability. The vulnerability requires an attacker to have network access to the target gNodeB and possess low-level privileges (PR:L) with user interaction (UI:R), indicating that some form of user action is needed to trigger the flaw. The CVSS v3.1 base score is 5.5, categorizing it as medium severity, with attack vector being network (AV:N), low attack complexity (AC:L), and limited impact on confidentiality, integrity, and availability (C:L/I:L/A:L). No public exploits or active exploitation in the wild have been reported to date. This vulnerability is particularly relevant for organizations deploying UERANSIM in their 5G network testing or research environments, as exploitation could lead to partial disclosure of memory data or service disruption. The lack of available patches at the time of reporting necessitates prompt attention to updates once released.
Potential Impact
The primary impact of CVE-2024-37877 is an out-of-bounds read vulnerability that can lead to partial disclosure of memory contents, potentially exposing sensitive data processed by the UERANSIM gNodeB component. While the confidentiality impact is limited, attackers might leverage this information for further attacks or reconnaissance. Integrity and availability impacts are also low but possible, as malformed packets could cause application instability or crashes, affecting service continuity in simulated environments. Since UERANSIM is mainly used for 5G core network simulation and testing, the direct impact on production networks is limited; however, compromised test environments could lead to inaccurate testing results or delayed deployment of secure 5G infrastructure. The requirement for low privileges and user interaction reduces the likelihood of widespread exploitation but does not eliminate risk in controlled environments. Organizations relying on UERANSIM for research, development, or training could face operational disruptions and potential leakage of sensitive test data. The absence of known exploits reduces immediate risk but underscores the need for proactive mitigation.
Mitigation Recommendations
1. Upgrade UERANSIM to version 3.2.6 or later as soon as the patch addressing CVE-2024-37877 becomes available.
2. Implement strict input validation and length checks on RLS packets within the network simulation environment to prevent malformed PDUs from triggering out-of-bounds reads.
3. Restrict network access to UERANSIM instances, especially the gNodeB interfaces, to trusted users and systems only, minimizing exposure to untrusted sources.
4. Monitor network traffic for anomalous or malformed RLS packets that could indicate attempted exploitation.
5. Employ runtime memory protection techniques such as AddressSanitizer or similar tools during testing to detect and mitigate out-of-bounds memory access.
6. Educate users and administrators about the risks of interacting with untrusted network inputs in simulation environments.
7. Maintain up-to-date backups and recovery plans for simulation data to mitigate potential availability impacts.
8. Collaborate with the UERANSIM development community to track vulnerability disclosures and patches promptly.
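The length check from recommendation 2, as an added example that is not UERANSIM's code or its fix: a read cursor that rejects any declared length larger than the bytes actually received. The names CheckedView and decodePdu and the one-byte type plus four-byte length layout are assumptions for illustration, not the real RLS wire format.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical bounds-checked cursor over one received datagram (not UERANSIM's OctetView).
class CheckedView {
    const uint8_t* data_; size_t size_; size_t pos_ = 0;
public:
    CheckedView(const uint8_t* data, size_t size) : data_(data), size_(size) {}
    size_t remaining() const { return size_ - pos_; }  // invariant: pos_ <= size_
    // Every read compares against remaining(); pos_ + len is never computed, so it cannot wrap.
    bool readU8(uint8_t& out) {
        if (remaining() < 1) return false;
        out = data_[pos_++];
        return true;
    }
    bool readU32(uint32_t& out) {
        if (remaining() < 4) return false;
        out = (uint32_t(data_[pos_]) << 24) | (uint32_t(data_[pos_ + 1]) << 16) |
              (uint32_t(data_[pos_ + 2]) << 8) | uint32_t(data_[pos_ + 3]);
        pos_ += 4;
        return true;
    }
    bool readOctetString(size_t len, std::vector<uint8_t>& out) {
        if (len > remaining()) return false;  // declared length exceeds what arrived
        out.assign(data_ + pos_, data_ + pos_ + len);
        pos_ += len;
        return true;
    }
};

// Assumed toy layout: [type:1][pduLength:4, big-endian][pdu:pduLength].
// Returns false (drop the packet, ignore pdu) on truncation, oversized length or trailing bytes.
bool decodePdu(const std::vector<uint8_t>& pkt, std::vector<uint8_t>& pdu) {
    CheckedView v(pkt.data(), pkt.size());
    uint8_t type = 0;
    uint32_t pduLength = 0;
    return v.readU8(type) && v.readU32(pduLength) &&
           v.readOctetString(pduLength, pdu) && v.remaining() == 0;
}

int main() {
    std::vector<uint8_t> pdu;
    std::vector<uint8_t> ok = {0x04, 0, 0, 0, 3, 0xAA, 0xBB, 0xCC};  // constructed sample
    std::vector<uint8_t> lying = {0x04, 0, 0, 0x10, 0, 0xAA};        // constructed: claims 4096, carries 1
    std::printf("well-formed: %d, oversized length: %d\n", decodePdu(ok, pdu), decodePdu(lying, pdu));
    return 0;
}
```

Building the same decoder with AddressSanitizer (recommendation 5) confirms that none of the rejected inputs reach a read past the buffer.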
Affected Countries
United States, Germany, South Korea, Japan, China, United Kingdom, France, India, Canada, Australia
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2024-06-10T00:00:00.000Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 699f6c72b7ef31ef0b56426b
Added to database: 2/25/2026, 9:41:06 PM
Last enriched: 2/28/2026, 3:52:08 AM
Last updated: 4/12/2026, 5:08:38 PM