CVE-2026-8783
Received Received - Intake
Null Pointer Dereference in OMEC Project AMF

Publication date: 2026-05-18

Last updated on: 2026-05-18

Assigner: VulDB

Description
A security vulnerability has been detected in omec-project amf up to 2.1.3-dev. This impacts the function UERadioCapabilityCheckResponse of the file ngap/dispatcher.go. Such manipulation leads to null pointer dereference. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 2.2.0 will fix this issue. Upgrading the affected component is advised. The same pull request fixes multiple security issues.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-18
Last Modified
2026-05-18
Generated
2026-06-10
AI Q&A
2026-05-19
EPSS Evaluated
2026-06-08
NVD
CVE-2026-8783
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
omec-project amf to 2.1.3-dev (inc)
omec-project amf 2.2.0
omec-project amf 2.2.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-404 The product does not release or incorrectly releases a resource before it is made available for re-use.
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not explicitly mention any impact of CVE-2026-8783 on compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2026-8783 is a security vulnerability in the omec-project AMF (Access and Mobility Management Function) component of the 5G core network, specifically affecting versions up to 2.1.3-dev.

The vulnerability occurs in the function UERadioCapabilityCheckResponse within the ngap/dispatcher.go file, where a malformed UERadioCapabilityCheckResponse message causes a nil pointer dereference.

When the AMF receives a specially crafted NGAP message with invalid data, it triggers a runtime panic (segmentation fault), causing the AMF to crash.

This issue can be exploited remotely by sending malformed NGAP messages to the AMF.

The vulnerability was fixed in version 2.2.0 (specifically rel-2.2.1) by adding validation and safer parsing mechanisms to prevent such crashes.

Impact Analysis

Exploitation of this vulnerability can cause the AMF component of the 5G core network to crash due to a nil pointer dereference triggered by malformed NGAP messages.

Such crashes can lead to denial-of-service (DoS) conditions, disrupting critical 5G network functions like mobility management, registration, and connection management.

This disruption can impact network availability and reliability, potentially affecting end-users' connectivity and services dependent on the 5G core network.

Detection Guidance

The vulnerability CVE-2026-8783 is triggered by a malformed UERadioCapabilityCheckResponse NGAP message causing a nil pointer dereference and crash in the AMF component.

Detection can focus on monitoring for crashes or segmentation faults in the AMF service, especially those related to NGAP message decoding errors.

You can check AMF logs for runtime panics or segmentation faults triggered by malformed NGAP messages.

Network detection could involve capturing and analyzing NGAP traffic for malformed UERadioCapabilityCheckResponse messages.

  • Use system commands like `journalctl -u amf.service` or `docker logs <amf_container>` to review AMF logs for crash reports.
  • Use packet capture tools such as `tcpdump` or `wireshark` to filter NGAP messages and inspect for malformed UERadioCapabilityCheckResponse messages.
  • Example tcpdump command: `tcpdump -i <interface> -w ngap_capture.pcap 'udp port 38412'` (assuming NGAP runs over UDP port 38412), then analyze the capture for malformed messages.
Mitigation Strategies

The primary mitigation step is to upgrade the omec-project AMF component to version 2.2.0 or later, as this version includes fixes for CVE-2026-8783.

Until the upgrade can be applied, monitor the AMF service for crashes and consider restricting or filtering NGAP traffic from untrusted sources to reduce exposure.

Implement network-level protections such as firewall rules or NGAP message validation proxies to block malformed NGAP messages.

Review and apply any additional patches or updates related to the AMF component that address malformed input handling and panic safety.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-8783. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart