CVE-2026-44318

Exploit

EPSS 0.27%
Veröffentlicht 27.05.2026 15:35:41
Zuletzt bearbeitet 28.05.2026 18:24:58
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

free5GC: BSF concurrent PUT /nbsf-management/v1/subscriptions/{subId} crashes the BSF process via concurrent map read/write on Subscriptions

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's BSF PUT /nbsf-management/v1/subscriptions/{subId} handler has an unsynchronized write on the global Subscriptions map. The handler first reads the map under RLock() via BSFContext.GetSubscription(subId), but if the subscription does not exist, ReplaceIndividualSubcription() writes back to the same map directly without taking the mutex (bsfContext.BsfSelf.Subscriptions[subId] = subscription). Under concurrent authenticated PUT load, one goroutine can read while another writes the map, which causes the Go runtime to abort the process with fatal error: concurrent map read and map write (Go runtime panics that come from concurrent map access bypass recover() and terminate the process). The BSF container exits with code 2 -- the entire BSF SBI surface goes down until restart. This vulnerability is fixed in 4.2.2.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 7

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Free5gc ≫ Free5gc Version < 4.2.2

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.27%	0.182

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.3	1.6	3.6	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
security-advisories@github.com	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

CWE-820 Missing Synchronization

The product utilizes a shared resource in a concurrent manner but does not attempt to synchronize access to the resource.

https://github.com/free5gc/free5gc/security/advisories/GHSA-27ph-8q4f-h7m7

Vendor Advisory

Exploit

https://github.com/free5gc/free5gc/issues/926

Exploit

Issue Tracking

https://github.com/free5gc/bsf/pull/7

Patch

Issue Tracking

https://github.com/free5gc/bsf/commit/277908565fd628d974a13ef562b81a8b7b519ffa

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-44318

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-44318

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-44318

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-44318