CVE-2026-2517 | Open5GS up to 2.7.6 SMF lib/gtp/v2/types.c ogs_gtp2_parse_tft pf[0].content.length denial of service (Issue 4281)

Full Article URL: https://vuldb.com/?id.346108
Textarea URL (this page): <a href="https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzYxMzSwAACQOAj1_2026-02-14">https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzYxMzSwAACQOAj1_2026-02-14
Source: https://vuldb.com/?rss.recent
Vuldb: https://vuldb.com
Publication date: 2026-02-14 21:06:34
Last retrieval: 2026-02-14 22:46:16.702618

21:06 - 14 Feb 2026

vuldb.com

A vulnerability classified as problematic has been found in Open5GS up to 2.7.6. This vulnerability affects the function ogs_gtp2_parse_tft in the library lib/gtp/v2/types.c of the component SMF. Performing a manipulation of the argument pf[0].content.length results in denial of service. This vulnerability is reported as CVE-2026-2517. The attack is possible to be carried out remotely. Moreover, an exploit is present. The project was informed of the problem early through an issue report but has not responded yet.

https://vuldb.com/?id.346108

CVE-2026-2517 | Open5GS up to 2.7.6 SMF lib/gtp/v2/types.c ogs_gtp2_parse_tft pf[0].content.length denial of service (Issue 4281)

Article info: