CVE-2024-40130

Source
https://cve.org/CVERecord?id=CVE-2024-40130
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-40130.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-40130
Published
2024-07-16T19:15:12.683Z
Modified
2026-04-12T08:40:52.799318Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c.

References

Affected packages

Git / github.com/open5gs/open5gs

Affected ranges

Type
GIT
Repo
https://github.com/open5gs/open5gs
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.6.4"
        }
    ]
}

Affected versions

v0.*
v0.1.0
v0.1.1
v0.2.0
v0.3.0
v0.3.1
v0.3.10
v0.3.2
v0.3.3
v0.3.4
v0.3.5
v0.3.6
v0.3.8
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.5.0
v0.5.1
v0.5.2
v1.*
v1.0.0
v1.1.0
v1.2.0
v1.2.1
v1.2.2
v1.2.3
v1.2.4
v1.3.0
v2.*
v2.0.0
v2.0.18
v2.0.22
v2.1.0
v2.1.1
v2.1.3
v2.1.4
v2.1.5
v2.1.7
v2.2.0
v2.2.1
v2.2.6
v2.2.7
v2.2.8
v2.2.9
v2.3.0
v2.3.2
v2.3.6
v2.4.0
v2.4.1
v2.4.3
v2.4.4
v2.4.5
v2.4.7
v2.4.8
v2.4.9
v2.6.1
v2.6.2
v2.6.3
v2.6.4

Database specific

vanir_signatures
[
    {
        "id": "CVE-2024-40130-1547f57f",
        "target": {
            "file": "tests/common/s1ap-handler.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "158147148440950893756100354826545304887",
                "90691174721735378642058515256132105169",
                "39015840496135311019317752534354610628",
                "277105007292367580745643734195869086292",
                "80391176144530786792227127456142700438",
                "9397254657311271677267450679531207977",
                "151606214970635482721564041394116476654",
                "225154131832222330800193277070382921191",
                "67506970451540765983397080321560767428",
                "16977268876395390841957372544228739755",
                "294865764239563710243846336046654253350",
                "273044645211350846033584871890401335473",
                "231082650904631533303581301978020216338",
                "57379309665826060124842922181065496136",
                "137850775438894927655481572693626137979",
                "200557304154077108363123587542843913569"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-21e4599b",
        "target": {
            "file": "tests/common/gtpu.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "129536810704088443996827815411595602506",
                "51876401171545619074647327253999838728",
                "327786477358420942547212988312706085100",
                "104922795276576285285430904965822805954",
                "51696396707257649031556126303569954938"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-228664e7",
        "target": {
            "file": "tests/common/context.h"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "114366274980492922773941095999414397359",
                "279802403965845622795729490287871868884",
                "284035936112437253273895735413423492547",
                "26938640575127553819820791214121027586"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-4f0c8ad4",
        "target": {
            "file": "tests/unit/abts-main.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "302662995217570811823611870755256422838",
                "323966839750528128751737439362747821834",
                "64768953978099450956343067253875221602",
                "281941459458444152878084850471822627382"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-8d027e20",
        "target": {
            "file": "tests/app/epc-init.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "146477149246158874347334131100993031756",
                "39865317697276840879638238590515094514",
                "37283656352135825151018747821257480031",
                "47404898621585763836316622503841697658"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-8feb7685",
        "target": {
            "file": "src/main.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "176951551851011751718028202221619626910",
                "195871980496934538513236336995249591794",
                "103266669591572515719691098852324293325",
                "222652630275908858505189396166005895820"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-a0124e53",
        "target": {
            "function": "test1_func",
            "file": "tests/handover/epc-s1-test.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Function",
        "digest": {
            "function_hash": "201918200599648814786687545304731973004",
            "length": 12106.0
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-a4173ec3",
        "target": {
            "file": "tests/common/context.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "186704945246640382608203876721878015921",
                "114091301253074145641205101051178043717",
                "36339021673168096668873648629187355658",
                "161218068140578625951852186294668284240"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-aaea2043",
        "target": {
            "file": "tests/sctp/abts-main.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "302662995217570811823611870755256422838",
                "323966839750528128751737439362747821834",
                "64768953978099450956343067253875221602",
                "281941459458444152878084850471822627382"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-b0b33665",
        "target": {
            "file": "tests/common/ngap-build.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "116659490446893823017019200695678393917",
                "79155143488638194747394920411175188877",
                "27987476925490013948263732699249852647",
                "322930851799905977676217919473389213595",
                "12057441684375098201047445754656163622",
                "88983930305413259994140878005591645558",
                "281620815804622846331105661488990380397",
                "231014372277965498447067209830904405006",
                "299579964469367744666440756244218579611",
                "139308806728265367684773771038766022004",
                "227609587958178750566022892070826044538",
                "135041967113963115640268907270545566825",
                "233182864593096844101854355927104149046",
                "298581120933616891235702989758209541584",
                "68753564710021030449041836499451530452",
                "165591666946136473735186111040694904328",
                "164168858087267536584319769318564171513",
                "92502922505081348133862083688473026424",
                "82068159318242033448971515533465721149",
                "111904120520913989783166994199753839301",
                "314785423874419133644542781317382467464",
                "39115374917781303177790145389644351721",
                "47877690765570475417683284641930637774",
                "332529922163784799893039828516235242236",
                "117254840445652509502698743245317486265",
                "51634600669437966308376853326301323410",
                "86813269195299600815014703870953162733",
                "60570763418914535285087357356603108",
                "81081993800965593414815461898162518509",
                "62512921440618412260910400113796306171",
                "16818854578816860201020964701713882138",
                "57355000671557151486905753889602385706",
                "240751953352288330840115400459664618676",
                "214222214652233206404330893361428082743",
                "11369006982806158958115897990153032309",
                "284973055154799167012875993723494754187",
                "61076518103985136009053140387872102273",
                "266971355880373757606096195767068965274",
                "291792146387025120587346694900006715586",
                "8304704994643582985550431704329576865",
                "247568189785355423092323651100096836783",
                "79155143488638194747394920411175188877",
                "230934849542515400375331788106961354698",
                "266032890838496490700977193499373099115",
                "147586422729060295790981714256806915881",
                "244006178095063886741968236029671104461",
                "334795626618071753911099779369254833537",
                "231014372277965498447067209830904405006",
                "299579964469367744666440756244218579611",
                "139308806728265367684773771038766022004",
                "227609587958178750566022892070826044538",
                "135041967113963115640268907270545566825",
                "233182864593096844101854355927104149046",
                "298581120933616891235702989758209541584",
                "68753564710021030449041836499451530452",
                "165591666946136473735186111040694904328",
                "164168858087267536584319769318564171513",
                "92502922505081348133862083688473026424",
                "82068159318242033448971515533465721149",
                "111904120520913989783166994199753839301",
                "314785423874419133644542781317382467464",
                "247752403480162690336814046199611434253",
                "125286417432185993322346636228962963067",
                "7147754221284415233580193396758615113",
                "89389642021035794868785688803693121444",
                "271747251321630053669303882615516131366",
                "51634600669437966308376853326301323410",
                "86813269195299600815014703870953162733",
                "60570763418914535285087357356603108",
                "81081993800965593414815461898162518509",
                "62512921440618412260910400113796306171",
                "16818854578816860201020964701713882138",
                "57355000671557151486905753889602385706",
                "240751953352288330840115400459664618676",
                "214222214652233206404330893361428082743",
                "11369006982806158958115897990153032309",
                "284973055154799167012875993723494754187",
                "61076518103985136009053140387872102273",
                "229172807433057516536892485721847503701",
                "246952794759850710730864501228669540623",
                "84884260535201612046103975056116037127"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-b4a8cd01",
        "target": {
            "function": "test_gtpu_send_indirect_data_forwarding",
            "file": "tests/common/gtpu.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Function",
        "digest": {
            "function_hash": "223534098323674493128617698306891676892",
            "length": 678.0
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-c3f3b681",
        "target": {
            "function": "testngap_build_ran_configuration_update",
            "file": "tests/common/ngap-build.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Function",
        "digest": {
            "function_hash": "320090986501407300723661448568725140928",
            "length": 2280.0
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-cd102e98",
        "target": {
            "file": "tests/app/app-init.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "146477149246158874347334131100993031756",
                "39865317697276840879638238590515094514",
                "37283656352135825151018747821257480031",
                "47404898621585763836316622503841697658"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-dc1c215f",
        "target": {
            "file": "tests/app/5gc-init.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "146477149246158874347334131100993031756",
                "39865317697276840879638238590515094514",
                "37283656352135825151018747821257480031",
                "47404898621585763836316622503841697658"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-e489a9c3",
        "target": {
            "file": "tests/handover/epc-s1-test.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "283972098692837532271015230988639164723",
                "333547237823104570004050971523990224313",
                "232477549075862229654509947939554236100",
                "266570509656154265300042132138730302559",
                "207353000067458912351038311581741833705",
                "316467673776116320149843850907737225888",
                "331959787136523407481858706005508106737"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-e5b9bf31",
        "target": {
            "file": "tests/crypt/abts-main.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "302662995217570811823611870755256422838",
                "323966839750528128751737439362747821834",
                "64768953978099450956343067253875221602",
                "281941459458444152878084850471822627382"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-e6510832",
        "target": {
            "file": "tests/core/abts-main.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "302662995217570811823611870755256422838",
                "323966839750528128751737439362747821834",
                "64768953978099450956343067253875221602",
                "281941459458444152878084850471822627382"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-e76e6f4a",
        "target": {
            "function": "testngap_build_ng_setup_request",
            "file": "tests/common/ngap-build.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Function",
        "digest": {
            "function_hash": "296795352090053790469644051733961367473",
            "length": 3532.0
        },
        "deprecated": false
    },
    {
        "id": "CVE-2024-40130-f31280da",
        "target": {
            "file": "tests/common/application.c"
        },
        "signature_version": "v1",
        "source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "287610240197529692263774773835873995984",
                "167256351247365243693921479414699825252",
                "121142551566868297395414009052075341982",
                "133652398469746946802676887514402165988"
            ],
            "threshold": 0.9
        },
        "deprecated": false
    }
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-40130.json"
vanir_signatures_modified
"2026-04-12T08:40:52Z"