CVE-2024-24420

Exploit

EPSS 0.08%
Published 21.01.2025 23:15:12
Last modified 03.07.2025 00:49:21
Source cve@mitre.org
Teams watchlist Login
Open Login

A reachable assertion in the decode_linked_ti_ie function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Linuxfoundation ≫ Magma Update- Version <= 1.8.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.254

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

https://cellularsecurity.org/ransacked

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2024-24420

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-24420

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-24420

EUVD