Linuxfoundation

Magma

22 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-37036

Exploit
  • EPSS 0.06%
  • Published 21.01.2025 23:15:10
  • Last modified 18.03.2025 21:15:23

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Uplink NAS Transport` pac...

6.5

CVE-2023-37034

Exploit
  • EPSS 0.06%
  • Published 21.01.2025 23:15:10
  • Last modified 24.03.2025 18:15:17

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Initial UE Message` packe...

6.5

CVE-2023-37033

Exploit
  • EPSS 0.06%
  • Published 21.01.2025 23:15:10
  • Last modified 20.03.2025 14:15:15

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Initial UE Message` packe...

7.5

CVE-2023-37032

Exploit
  • EPSS 0.54%
  • Published 21.01.2025 23:15:10
  • Last modified 13.03.2025 15:15:38

A Stack-based buffer overflow in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME with an unauthenticated cellphone by sending a NAS...

6.5

CVE-2023-37031

Exploit
  • EPSS 0.06%
  • Published 21.01.2025 23:15:10
  • Last modified 19.03.2025 15:15:45

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `eNB Configuration Transfe...

6.5

CVE-2023-37030

Exploit
  • EPSS 0.06%
  • Published 21.01.2025 23:15:10
  • Last modified 25.03.2025 15:15:18

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Initial UE Message` packe...

7.5

CVE-2023-37029

Exploit
  • EPSS 0.11%
  • Published 21.01.2025 23:15:10
  • Last modified 27.01.2025 14:39:48

Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) are susceptible to an assertion-based crash when an oversized NAS packet is received. An attacker may leverage this behavior to repeatedly crash the MME via eithe...

6.5

CVE-2023-37028

Exploit
  • EPSS 0.05%
  • Published 21.01.2025 23:15:10
  • Last modified 13.03.2025 20:15:15

A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `E-RAB Modification Indica...

7.5

CVE-2023-37024

Exploit
  • EPSS 0.15%
  • Published 21.01.2025 23:15:09
  • Last modified 23.01.2025 19:29:27

A reachable assertion in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME with an unauthenticated cellphone by sending a NAS packet ...

6.5

CVE-2023-37027

Exploit
  • EPSS 0.05%
  • Published 21.01.2025 23:15:09
  • Last modified 18.03.2025 20:15:20

Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `E-RAB Modification Indicati...