CVE-2025-69247
Last modified
CVE-2025-69247 is a low-severity vulnerability rated 2.7/10 on the CVSS scale. free5GC go-upf is the User Plane Function (UPF) implementation for 5G networks that is part of the free5GC project. Versions prior to 1.2.8 have a Heap-based Buffer Overflow (CWE-122) vulnerability leading to Denial of Service. EPSS estimates a 0.53% chance of exploitation in the next 30 days.
Description
free5GC go-upf is the User Plane Function (UPF) implementation for 5G networks that is part of the free5GC project. Versions prior to 1.2.8 have a Heap-based Buffer Overflow (CWE-122) vulnerability leading to Denial of Service. Remote attackers can crash the UPF network element by sending a specially crafted PFCP Session Modification Request with an invalid SDF Filter length field. This causes a heap buffer overflow, resulting in complete service disruption for all connected UEs and potential cascading failures affecting the SMF. All deployments of free5GC using the UPF component may be affected. Version 1.2.8 of go-upf contains a fix.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Free5gc | Go-Upf | < 1.2.8 |
References
- https://github.com/free5gc/free5gc/issues/746Exploit, Issue Tracking, Patch, Vendor Advisory
- https://github.com/free5gc/free5gc/security/advisories/GHSA-gf69-93xr-p23gPatch, Vendor Advisory
- https://github.com/free5gc/go-upf/pull/85Issue Tracking, Patch
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-69247?
How severe is CVE-2025-69247?
How do I fix CVE-2025-69247?
Are you affected by CVE-2025-69247?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST