CyRC Vulnerability Advisory: CVE-2023-23846 Denial-of-Service Vulnerability in Open5GS GTP Library
By : Nata Kesuma | Sunday, February 05 2023 - 22:55 IWST

The Synopsys Cybersecurity Research Center (CyRC)
INDUSTRY.co.id - Singapore- The Synopsys Cybersecurity Research Center (CyRC) has exposed CVE-2023-23846, a vulnerability in Open5GS. Open5GS is a C-language open source implementation that provides both 4G/LTE enhanced packet core (EPC) and 5G functionalities for mobile network deployments with an AGPLv2 or commercial license.
It is primarily used to build and deploy private LTE/5G telecom network core functions by researchers and commercial entities such as telecom network operators.
Due to insufficient length validation in the Open5GS GTP library when parsing extension headers in GPRS tunneling protocol (GPTv1-U) messages, a protocol payload with any extension header length set to zero causes an infinite loop. The affected process becomes immediately unresponsive, resulting in denial of service and excessive resource consumption.
Because the code resides in a common GTP library that is shared across different functions, this vulnerability is effectively present in all deployed endpoints configured to accept and handle GTP-U messages, including the 5G user plane function (UPF, provided by open5gs-upfd), the 5G session management function (SMF, provided by open5gs-smfd), and the LTE/EPC serving gateway user plane function (SGW-U, provided by open5gs-sgwud).
Read Also
Wireless Logic Selected By Thales As IoT Connectivity Partner
Totolink Strengthens Commitment to Innovative and Reliable Network…
BDDC Inaugurates JST1 TIER IV Data Centre in Jakarta to Strengthen…
MoreLogin, the World's #1 Antidetect Browser, Showcased at Affiliate…
Experts gather in Nanning to support high-quality development of…
Today's Industry

Senin, 09 Juni 2025 - 14:22 WIB
Savyavasa and Permata Bank Launch Exclusive Foreign Mortgage Program
Savyavasa, a luxury residential development by Swire Properties and JSI Group under PT Jantra Swarna Dipta, in collaboration with Permata Bank, presents a new solution for foreign nationals…

Rabu, 21 Mei 2025 - 10:09 WIB
Indonesia, Thailand Sign MoU on Health Sector, Focusing on Global Capacity, Collaboration
As a part of President Prabowo Subianto’s official visit to Thailand, both countries signed a Memorandum of Understanding (MoU) on health sector, in an effort to strengthen bilateral cooperation…

Rabu, 21 Mei 2025 - 10:06 WIB
Indonesia, Thailand Deepen Cooperation on Security, Trade, and Regional Stability
resident Prabowo Subianto has reaffirmed Indonesia’s strong commitment to deepening bilateral relations with Thailand during the meeting with Thailand’s Prime Minister Paetongtarn Shinawatra…

Selasa, 20 Mei 2025 - 12:44 WIB
Boediman Widjaja's Technology Ready to be Adopted in Jababeka Industrial Estate (KIJA)
In an exclusive seminar entitled "A Great Step: Boediman Widjaja Story - Going from Indonesia, Thriving in Singapore" held at the President Lounge, Menara Batavia, Boediman Widjaja, Founder…

Jumat, 02 Mei 2025 - 10:46 WIB
Binawan and Government Support Indonesian Nurses in Europe through Scholarships
In the midst of the viral #KaburAjaDulu hashtag as a symbol of the young generation's disappointment with domestic working conditions, Binawan responded with real action: dispatching Indonesian…
News Comment