CVE-2026-41135: CWE-400: Uncontrolled Resource Consumption in free5gc pcf
CVE-2026-41135 is a memory leak vulnerability in free5GC's Policy Control Function (PCF) prior to version 1. 4. 3. An unauthenticated attacker with network access to the PCF SBI interface can cause uncontrolled memory growth by repeatedly sending HTTP requests to the OAM endpoint. The issue arises from a middleware registration inside an HTTP handler that grows the router's handler chain on every request, leading to memory exhaustion and denial of service. This disrupts 5G session establishment by preventing UEs from obtaining necessary policies. Version 1. 4. 3 includes a patch addressing this vulnerability.
AI Analysis
Technical Summary
free5GC PCF versions before 1.4.3 contain a memory leak vulnerability (CWE-400) caused by a `router.Use()` call inside an HTTP handler that registers a new CORS middleware on every incoming request. This behavior causes the Gin router's handler chain to grow indefinitely, resulting in progressive memory exhaustion. An unauthenticated attacker with network access to the PCF SBI interface can exploit this by sending repeated HTTP requests to the OAM endpoint, leading to denial of service that blocks all UEs from obtaining Access and Mobility (AM) and Session Management (SM) policies, thereby preventing 5G session establishment. The vulnerability has a CVSS 3.1 base score of 7.5 (high severity). The issue is fixed in free5GC version 1.4.3.
Potential Impact
Exploitation of this vulnerability results in uncontrolled memory growth on the PCF, causing denial of service. This prevents all user equipment (UEs) from obtaining necessary AM and SM policies, effectively blocking 5G session establishment. There is no impact on confidentiality or integrity reported. The vulnerability can be triggered by unauthenticated attackers with network access to the PCF SBI interface.
Mitigation Recommendations
A patch addressing this vulnerability is included in free5GC version 1.4.3. Users should upgrade to version 1.4.3 or later to remediate this issue. No vendor advisory was provided to indicate alternative mitigations or temporary fixes. Until patched, restricting network access to the PCF SBI interface may reduce exposure.
CVE-2026-41135: CWE-400: Uncontrolled Resource Consumption in free5gc pcf
Description
CVE-2026-41135 is a memory leak vulnerability in free5GC's Policy Control Function (PCF) prior to version 1. 4. 3. An unauthenticated attacker with network access to the PCF SBI interface can cause uncontrolled memory growth by repeatedly sending HTTP requests to the OAM endpoint. The issue arises from a middleware registration inside an HTTP handler that grows the router's handler chain on every request, leading to memory exhaustion and denial of service. This disrupts 5G session establishment by preventing UEs from obtaining necessary policies. Version 1. 4. 3 includes a patch addressing this vulnerability.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
free5GC PCF versions before 1.4.3 contain a memory leak vulnerability (CWE-400) caused by a `router.Use()` call inside an HTTP handler that registers a new CORS middleware on every incoming request. This behavior causes the Gin router's handler chain to grow indefinitely, resulting in progressive memory exhaustion. An unauthenticated attacker with network access to the PCF SBI interface can exploit this by sending repeated HTTP requests to the OAM endpoint, leading to denial of service that blocks all UEs from obtaining Access and Mobility (AM) and Session Management (SM) policies, thereby preventing 5G session establishment. The vulnerability has a CVSS 3.1 base score of 7.5 (high severity). The issue is fixed in free5GC version 1.4.3.
Potential Impact
Exploitation of this vulnerability results in uncontrolled memory growth on the PCF, causing denial of service. This prevents all user equipment (UEs) from obtaining necessary AM and SM policies, effectively blocking 5G session establishment. There is no impact on confidentiality or integrity reported. The vulnerability can be triggered by unauthenticated attackers with network access to the PCF SBI interface.
Mitigation Recommendations
A patch addressing this vulnerability is included in free5GC version 1.4.3. Users should upgrade to version 1.4.3 or later to remediate this issue. No vendor advisory was provided to indicate alternative mitigations or temporary fixes. Until patched, restricting network access to the PCF SBI interface may reduce exposure.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-04-17T12:59:15.738Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69e80fc419fe3cd2cd07fdbf
Added to database: 4/22/2026, 12:01:08 AM
Last enriched: 4/22/2026, 12:16:05 AM
Last updated: 4/22/2026, 1:08:23 AM
Views: 10
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.