CVE-2026-7183
Uncaught Exception in UERANSIM Radio Link Simulation Layer
Publication date: 2026-04-27
Last updated on: 2026-04-27
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| aligungr | ueransim | to 3.2.7 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-248 | An exception is thrown from a function, but it is not caught. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the aligungr UERANSIM software up to version 3.2.7, specifically in the function rls::DecodeRlsMessage within the Radio Link Simulation Layer component. The issue arises from improper handling of the argument pduLength, which can cause an uncaught exception. This means that an attacker can remotely trigger this flaw, potentially causing the software to behave unexpectedly or crash.
The vulnerability has been fixed in version 3.2.8 by the vendor, who responded promptly and professionally.
How can this vulnerability impact me? :
The vulnerability can be exploited remotely to cause an uncaught exception in the affected software, which may lead to a denial of service or disruption of the Radio Link Simulation Layer functionality. This could impact the availability of the system using UERANSIM, potentially causing interruptions in service.
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to upgrade the affected component aligungr UERANSIM to version 3.2.8, which contains the fix for this issue.