Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Details of issue NIXPKGS-2026-0005

NIXPKGS-2026-0005
published on
Permalink CVE-2026-1587
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV):
  • Attack complexity (AC):
  • Privileges required (PR):
  • User interaction (UI):
  • Scope (S):
  • Confidentiality impact (C):
  • Integrity impact (I):
  • Availability impact (A):
updated 2 months, 2 weeks ago by @fricklerhandwerk Activity log
  • Created automatic suggestion 2 months, 2 weeks ago
  • @fricklerhandwerk dismissed 2 months, 2 weeks ago
  • @fricklerhandwerk accepted 2 months, 2 weeks ago
  • @fricklerhandwerk published on GitHub 2 months, 2 weeks ago
Open5GS SGWC s11-handler.c sgwc_s11_handle_modify_bearer_request denial of service

A vulnerability has been found in Open5GS up to 2.7.6. The affected element is the function sgwc_s11_handle_modify_bearer_request of the file /sgwc/s11-handler.c of the component SGWC. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Applying a patch is the recommended action to fix this issue. The issue report is flagged as already-fixed.

Affected products

Open5GS
  • ==2.7.0
  • ==2.7.3
  • ==2.7.4
  • ==2.7.1
  • ==2.7.2
  • ==2.7.5
  • ==2.7.6

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

Package maintainers

jhk