Description
A security flaw has been discovered in Open5GS 2.7.7. This affects the function amf_context_final of the file src/amf/context.c of the component AMF. Performing a manipulation results in use after free. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks.
Problem types
Timeline
| 2026-07-09: | Advisory disclosed |
| 2026-07-09: | VulDB entry created |
| 2026-07-09: | VulDB entry last update |
Credits
Buggweb (VulDB User)
References
vuldb.com/vuln/377122 (VDB-377122 | Open5GS AMF context.c amf_context_final use after free)
vuldb.com/vuln/377122/cti (VDB-377122 | CTI Indicators (IOB, IOC, IOA))
vuldb.com/cve/CVE-2026-15194 (CVE-2026-15194 | CVE Analysis and Report)
vuldb.com/submit/851630 (Submit #851630 | Open5GS Project Open5GS 2.7.7 Use After Free)
github.com/...pen5gs/security/advisories/GHSA-88pq-hpwv-2vjw
github.com/open5gs/open5gs/