Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2026-4988

3.7 LOW

CVSS version: 3.1
Attack vector (AV):
Attack complexity (AC):
Privileges required (PR):
User interaction (UI):
Scope (S):
Confidentiality impact (C):
Integrity impact (I):
Availability impact (A):

created 2 weeks, 3 days ago

Open5GS CCA Message smf_s6b denial of service

A security flaw has been discovered in Open5GS 2.7.6. This issue affects the function smf_gx_cca_cb/smf_gy_cca_cb/smf_s6b of the component CCA Message Handler. The manipulation results in denial of service. The attack may be launched remotely. Attacks of this nature are highly complex. The exploitability is assessed as difficult. The exploit has been released to the public and may be used for attacks.

References

VDB-353875 | Open5GS CCA Message smf_s6b denial of service vdb-entrytechnical-description
VDB-353875 | CTI Indicators (IOB, IOC, TTP, IOA) signaturepermissions-required
Submit #771349 | Open5GS SMF v2.7.6 Denial of Service third-party-advisory
https://github.com/open5gs/open5gs/issues/4342 issue-tracking
https://github.com/open5gs/open5gs/issues/4342#issue-4021772232 exploitissue-tracking
https://github.com/open5gs/open5gs/ product

Affected products

Open5GS

==2.7.6

Matching in nixpkgs

pkgs.open5gs

4G/5G core network components

nixos-unstable 2.7.6
- nixpkgs-unstable 2.7.6
- nixos-unstable-small 2.7.6
nixos-25.11 2.7.6
- nixos-25.11-small 2.7.6
- nixpkgs-25.11-darwin 2.7.6

pkgs.open5gs-webui

4G/5G core network components

nixos-unstable 2.7.6
- nixpkgs-unstable 2.7.6
- nixos-unstable-small 2.7.6
nixos-25.11 2.7.6
- nixos-25.11-small 2.7.6
- nixpkgs-25.11-darwin 2.7.6

Package maintainers

@Bot-wxt1221 Bot-wxt1221 <3264117476@qq.com>
@xddxdd Yuhui Xu <b980120@hotmail.com>