OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing UplinkNASTransport containing Authentication Response containing a NAS PDU with oversize response (For example 100 byte). The response is decoded by AMF and passed to the AUSF component for verification. AUSF crashes on receiving this oversize response. This can prohibit users from further registration and verification and can cause Denial of Services (DoS).

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

No data.

No data.

No data.

No data.

References
Link Providers
https://gitlab.eurecom.fr/oai/cn5g/oai-cn5g-ausf/-/issues/6 cve-icon cve-icon
https://gitlab.eurecom.fr/oai/cn5g/oai-cn5g-ausf/-/issues?show=eyJpaWQiOiI2IiwiZnVsbF9wYXRoIjoib2FpL2NuNWcvb2FpLWNuNWctYXVzZiIsImlkIjo1NDE5fQ%3D%3D cve-icon cve-icon
History

Wed, 08 Apr 2026 17:00:00 +0000

Type Values Removed Values Added
Description OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing UplinkNASTransport containing Authentication Response containing a NAS PDU with oversize response (For example 100 byte). The response is decoded by AMF and passed to the AUSF component for verification. AUSF crashes on receiving this oversize response. This can prohibit users from further registration and verification and can cause Denial of Services (DoS).
References
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-08T16:43:29.076Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-30075

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-04-08T17:21:18.503

Modified: 2026-04-08T17:21:18.503

Link: CVE-2026-30075

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.