CVE-2026-8782
Null Pointer Dereference in omec-project amf
Publication date: 2026-05-18
Last updated on: 2026-05-18
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| omec-project | amf | to 2.1.3-dev (inc) |
| omec-project | amf | 2.2.0 |
| omec-project | amf | 2.2.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-404 | The product does not release or incorrectly releases a resource before it is made available for re-use. |
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a weakness in the omec-project AMF (Access and Mobility Management Function) component, specifically in the NGAP Message Handler's file ngap/handler.go. It is caused by a null pointer dereference triggered by processing a malformed NGAP message, such as a LocationReportFailureIndication. This leads to a crash (segmentation fault) in the AMF, which is a critical part of the 5G core network.
The issue allows remote attackers to cause the AMF to crash by sending specially crafted malformed messages, resulting in denial of service. The vulnerability affects versions up to 2.1.3-dev and has been fixed in version 2.2.0 and later.
How can this vulnerability impact me? :
Exploitation of this vulnerability can cause the AMF component of the 5G core network to crash due to a null pointer dereference. This results in a denial-of-service condition, potentially disrupting mobility management and other critical network functions handled by the AMF.
Since the AMF is responsible for key control plane functions such as registration management, connection management, and security context management, its unavailability can impact network reliability and service continuity for users.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability causes a null pointer dereference crash in the AMF component when processing malformed NGAP messages, specifically a LocationReportFailureIndication message. Detection can involve monitoring for crashes or runtime panics in the AMF logs indicating invalid memory access or segmentation faults.
You can check AMF logs for error messages related to runtime panics or segmentation faults in the NGAP handler, especially in the function HandleLocationReportingFailureIndication.
While no specific commands are provided in the resources, general commands to detect such issues could include:
- Using system logs: `journalctl -u amf.service` or checking container logs if AMF runs in a container.
- Using network packet capture tools like `tcpdump` or `wireshark` to capture NGAP messages and analyze for malformed LocationReportFailureIndication messages.
- Monitoring process crashes with commands like `dmesg` or `systemctl status amf`.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to upgrade the omec-project AMF component to version 2.2.0 or later, as this version includes fixes that harden the AMF against malformed NGAP messages causing crashes.
Upgrading ensures that validation checks, nil/empty checks, and safer parsing mechanisms are in place to prevent the null pointer dereference.
Until the upgrade can be applied, monitoring for suspicious malformed NGAP messages and AMF crashes can help in early detection of exploitation attempts.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.