GHSA-cqvv-r3g3-26rf

Source
https://github.com/advisories/GHSA-cqvv-r3g3-26rf
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-cqvv-r3g3-26rf/GHSA-cqvv-r3g3-26rf.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-cqvv-r3g3-26rf
Aliases
Published
2023-10-23T03:30:30Z
Modified
2023-11-01T05:03:09.111718Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
free5GC udm vulnerable to Invalid Curve Attack
Details

pkg/suci/suci.go in free5GC udm before 1.2.0, when built with Go before 1.19, allows an Invalid Curve Attack: the UDM may compute an ECDH shared secret from an uncompressed public key that it has not validated as a point on the expected curve. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt each one by combining its own (home network) private key with the attacker-supplied ephemeral public key carried in the SUCI. Because the point is never checked against the curve equation, the attacker can choose a point on a different curve of small order and learn the private key modulo that order from the UDM's behaviour; Go releases before 1.19 performed the scalar multiplication on such points without complaint.
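
The following is an added illustration, not code from free5GC or from the advisory. It shows the validation step whose absence the advisory describes: an attacker-supplied SEC1 uncompressed point must be checked for length, coordinate range and the curve equation (IsOnCurve) before it is multiplied by the private key. The ECDH step is modelled with crypto/elliptic's ScalarMult on P-256, which is an assumption about how such a profile would be implemented, not a statement about free5GC's actual code; the off-curve point is constructed from the base point with y+1. On Go 1.19 and later the NIST curves refuse invalid points in ScalarMult (they panic rather than compute a secret), so the explicit check also keeps a malformed SUCI from crashing the service.

```go
package main

import (
	"bytes"
	"crypto/elliptic"
	"crypto/rand"
	"errors"
	"fmt"
	"math/big"
)

var errInvalidPoint = errors.New("peer public key is not a valid point on the curve")

// coordLen is the byte length of one coordinate for the curve (32 for P-256).
func coordLen(curve elliptic.Curve) int {
	return (curve.Params().BitSize + 7) / 8
}

// marshalUncompressed encodes (x, y) as SEC1 uncompressed: 0x04 || X || Y.
func marshalUncompressed(curve elliptic.Curve, x, y *big.Int) []byte {
	n := coordLen(curve)
	out := make([]byte, 1+2*n)
	out[0] = 0x04
	x.FillBytes(out[1 : 1+n])
	y.FillBytes(out[1+n:])
	return out
}

// parseUncompressed decodes an uncompressed point and rejects anything that is
// not on the configured curve: wrong length or prefix, coordinates outside
// [0, p), and, the check this advisory is about, (x, y) that does not satisfy
// the curve equation.
func parseUncompressed(curve elliptic.Curve, pub []byte) (x, y *big.Int, err error) {
	n := coordLen(curve)
	if len(pub) != 1+2*n || pub[0] != 0x04 {
		return nil, nil, errInvalidPoint
	}
	x = new(big.Int).SetBytes(pub[1 : 1+n])
	y = new(big.Int).SetBytes(pub[1+n:])
	p := curve.Params().P
	if x.Cmp(p) >= 0 || y.Cmp(p) >= 0 {
		return nil, nil, errInvalidPoint
	}
	// Any in-range (x, y) lies on some curve y^2 = x^3 - 3x + b'. If b' != b the
	// attacker picked that curve, typically one whose group order has small
	// factors, and d*(x, y) leaks the private scalar d modulo those factors.
	if !curve.IsOnCurve(x, y) {
		return nil, nil, errInvalidPoint
	}
	return x, y, nil
}

// sharedSecret models the step the advisory describes (ECDH between the home
// network private key and the SUCI's ephemeral public key), guarded by point
// validation. It returns the x-coordinate of d*Q, left-padded to the field size.
func sharedSecret(curve elliptic.Curve, priv []byte, peerPub []byte) ([]byte, error) {
	x, y, err := parseUncompressed(curve, peerPub)
	if err != nil {
		return nil, err
	}
	sx, _ := curve.ScalarMult(x, y, priv)
	return sx.FillBytes(make([]byte, coordLen(curve))), nil
}

// offCurvePoint builds a constructed attacker point: the base point with its
// y-coordinate incremented, which is in range but not on the curve.
func offCurvePoint(curve elliptic.Curve) []byte {
	params := curve.Params()
	badY := new(big.Int).Add(params.Gy, big.NewInt(1))
	return marshalUncompressed(curve, params.Gx, badY)
}

// agreement runs an honest exchange and reports whether both sides derive the
// same secret, showing the validated path still works for well-formed peers.
func agreement(curve elliptic.Curve) (bool, error) {
	dA, xA, yA, err := elliptic.GenerateKey(curve, rand.Reader)
	if err != nil {
		return false, err
	}
	dB, xB, yB, err := elliptic.GenerateKey(curve, rand.Reader)
	if err != nil {
		return false, err
	}
	sA, err := sharedSecret(curve, dA, marshalUncompressed(curve, xB, yB))
	if err != nil {
		return false, err
	}
	sB, err := sharedSecret(curve, dB, marshalUncompressed(curve, xA, yA))
	if err != nil {
		return false, err
	}
	return bytes.Equal(sA, sB), nil
}

func main() {
	curve := elliptic.P256()
	ok, err := agreement(curve)
	fmt.Println("honest ECDH agrees:", ok, err)
	d, _, _, _ := elliptic.GenerateKey(curve, rand.Reader)
	_, err = sharedSecret(curve, d, offCurvePoint(curve))
	fmt.Println("attacker-supplied point:", err)
}
```

The compressed-point encoding used by the 3GPP ECIES profiles needs the same discipline: after decompression, confirm the recovered y actually satisfies the curve equation before any scalar multiplication.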

Database specific
{
    "cwe_ids": [
        "CWE-327",
        "CWE-347"
    ],
    "github_reviewed_at": "2023-10-24T02:00:10Z",
    "nvd_published_at": "2023-10-23T01:15:07Z",
    "severity": "HIGH",
    "github_reviewed": true
}
References

Affected packages

Go / github.com/free5gc/udm

Package

Name
github.com/free5gc/udm
Purl
pkg:golang/github.com/free5gc/udm

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all versions before the fix are affected)
Fixed
1.2.0