CVE-2026-8224 | Open5GS up to 2.7.7 PCF /src/pcf/context.c pcf_sess_set_ipv6prefix SmPolicyContextData.ipv6AddressPrefix denial of service (Issue 4439)

A vulnerability categorized as problematic has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function pcf_sess_set_ipv6prefix of the file /src/pcf/context.c of the component PCF. Executing a manipulation of the argument SmPolicyContextData.ipv6AddressPrefix can lead to denial of service.

This vulnerability is registered as CVE-2026-8224. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More