CVE-2022-3299
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-3299
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-3299.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-3299
- Published
- 2022-09-26T13:15:11Z
- Modified
- 2025-09-19T13:57:43.053079Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A vulnerability was found in Open5GS up to 2.4.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality in the library lib/sbi/client.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. The name of the patch is 724fa568435dae45ef0c3a48b2aabde052afae88. It is recommended to apply a patch to fix this issue. The identifier VDB-209545 was assigned to this vulnerability.
- References
Affected packages
Git / github.com/open5gs/open5gs
Affected ranges
- Type
- GIT
- Repo
- https://github.com/open5gs/open5gs
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v0.*
v0.1.0
v0.1.1
v0.2.0
v0.3.0
v0.3.1
v0.3.10
v0.3.11
v0.3.2
v0.3.3
v0.3.4
v0.3.5
v0.3.6
v0.3.7
v0.3.8
v0.3.9
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.5.0
v0.5.1
v0.5.2
v1.*
v1.0.0
v1.1.0
v1.2.0
v1.2.1
v1.2.2
v1.2.3
v1.2.4
v1.3.0
v2.*
v2.0.0
v2.0.18
v2.0.22
v2.1.0
v2.1.1
v2.1.3
v2.1.4
v2.1.5
v2.1.7
v2.2.0
v2.2.1
v2.2.6
v2.2.7
v2.2.8
v2.2.9
v2.3.0
v2.3.1
v2.3.2
v2.3.6
v2.4.0
v2.4.1
v2.4.3
v2.4.4
v2.4.5
v2.4.7
v2.4.8
v2.4.9
Database specific
{
"vanir_signatures": [
{
"id": "CVE-2022-3299-7b9bdf6f",
"digest": {
"threshold": 0.9,
"line_hashes": [
"54340837667262436963158231179732426085",
"277815706928737277172089149770849983267",
"116776069677126102051497239583277846023",
"38838716201110960839436251983995655716",
"44320873639331626881474965432802154303",
"289245706260880176313004693756981557258",
"37419717968007643517617350233808443720",
"177319892078940693546298665927911881338",
"76048998928808196460299429023924655781",
"290097942958192935233609745566892426557",
"120963101557565555180958902633735430861",
"330301981078441995127060692222097157347",
"161677093735320246641880352039365457094",
"218957587949474533393314591488465880301",
"76405502399166282655900420019364237725",
"64185109178769989923244442895149592338",
"275764314733274755052096000357796205081",
"258629837511314760161909037127735181896",
"127038569299519171441296459401017984584",
"188883983343820704663647802195695880246",
"33404340989761252968125285326158928213",
"49769313659744095416299592756084197554",
"223019647099577113662729154676556383029",
"143594710986097774229847094302570430276",
"24283807845412089848233068405789494198",
"246199693792984798835317091632980240432",
"281087697009044346350800974901652253262",
"44035209485652885648479696559760919731",
"192960534727310856072319087006442207198"
]
},
"signature_type": "Line",
"deprecated": false,
"target": {
"file": "lib/sbi/client.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/724fa568435dae45ef0c3a48b2aabde052afae88"
},
{
"id": "CVE-2022-3299-8352257a",
"digest": {
"length": 1148.0,
"function_hash": "54576081028871581880038215804035760318"
},
"signature_type": "Function",
"deprecated": false,
"target": {
"file": "lib/sbi/nghttp2-server.c",
"function": "on_data_chunk_recv"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/724fa568435dae45ef0c3a48b2aabde052afae88"
},
{
"id": "CVE-2022-3299-86d2d9e3",
"digest": {
"length": 2311.0,
"function_hash": "150489645850718229923669706052574848662"
},
"signature_type": "Function",
"deprecated": false,
"target": {
"file": "lib/sbi/nghttp2-server.c",
"function": "on_frame_recv"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/724fa568435dae45ef0c3a48b2aabde052afae88"
},
{
"id": "CVE-2022-3299-cb11ae51",
"digest": {
"length": 522.0,
"function_hash": "273732133633540342962190919332475245473"
},
"signature_type": "Function",
"deprecated": false,
"target": {
"file": "lib/sbi/client.c",
"function": "write_cb"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/724fa568435dae45ef0c3a48b2aabde052afae88"
},
{
"id": "CVE-2022-3299-df31ad08",
"digest": {
"threshold": 0.9,
"line_hashes": [
"230365354679696341688975056717225338288",
"199728486243098274428515145129227810171",
"42605245377125116209715845256784990549",
"112286084195538923111295701537350280017",
"241462497410196774451815347390802301840",
"31969206583636096135344775444493695921",
"325607950461156366775382478960580647744",
"300941628665157196262131404344870332380",
"45194648217708838240028053917608538240",
"148292617260441034019634448782941171916",
"62560200386986274531703920345885463252",
"121918711456523760688562856868307384260",
"315504222245306903813354647223570343322",
"133181541832404298601366265701925383544",
"148491961927426643962607246586736462672",
"189561706892555527221310368256926329991",
"86327028037998844104769509972956990933",
"50010001790606877071673136711623027737",
"211719794681275178631786322667850768390",
"325658841953032862497013754244752283571",
"208291909101379395558294527456969388403",
"186722462393717412214581686715790151893",
"266907154613868784346853014734743697847",
"7856954888012342116792313665754922274",
"59478495175024917542060130856059419942",
"95434670878637911930168728936246620430",
"81437120317026923695364773148880079408",
"86974643322961971377473382795756565515",
"271630198057282718279029272272668999859",
"309739985634410447915172296387560058849",
"269967621720714982688565083976810733115"
]
},
"signature_type": "Line",
"deprecated": false,
"target": {
"file": "lib/sbi/nghttp2-server.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/724fa568435dae45ef0c3a48b2aabde052afae88"
},
{
"id": "CVE-2022-3299-ef821633",
"digest": {
"length": 1865.0,
"function_hash": "103207162253592834330229885478328654419"
},
"signature_type": "Function",
"deprecated": false,
"target": {
"file": "lib/sbi/client.c",
"function": "check_multi_info"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/724fa568435dae45ef0c3a48b2aabde052afae88"
}
]
}