open5gs v2.6.4 is vulnerable to Buffer Overflow. via /lib/core/abts.c.
[
{
"id": "CVE-2024-40130-1547f57f",
"target": {
"file": "tests/common/s1ap-handler.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"158147148440950893756100354826545304887",
"90691174721735378642058515256132105169",
"39015840496135311019317752534354610628",
"277105007292367580745643734195869086292",
"80391176144530786792227127456142700438",
"9397254657311271677267450679531207977",
"151606214970635482721564041394116476654",
"225154131832222330800193277070382921191",
"67506970451540765983397080321560767428",
"16977268876395390841957372544228739755",
"294865764239563710243846336046654253350",
"273044645211350846033584871890401335473",
"231082650904631533303581301978020216338",
"57379309665826060124842922181065496136",
"137850775438894927655481572693626137979",
"200557304154077108363123587542843913569"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-40130-21e4599b",
"target": {
"file": "tests/common/gtpu.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"129536810704088443996827815411595602506",
"51876401171545619074647327253999838728",
"327786477358420942547212988312706085100",
"104922795276576285285430904965822805954",
"51696396707257649031556126303569954938"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-40130-228664e7",
"target": {
"file": "tests/common/context.h"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"114366274980492922773941095999414397359",
"279802403965845622795729490287871868884",
"284035936112437253273895735413423492547",
"26938640575127553819820791214121027586"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-40130-4f0c8ad4",
"target": {
"file": "tests/unit/abts-main.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"302662995217570811823611870755256422838",
"323966839750528128751737439362747821834",
"64768953978099450956343067253875221602",
"281941459458444152878084850471822627382"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-40130-8d027e20",
"target": {
"file": "tests/app/epc-init.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"146477149246158874347334131100993031756",
"39865317697276840879638238590515094514",
"37283656352135825151018747821257480031",
"47404898621585763836316622503841697658"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-40130-8feb7685",
"target": {
"file": "src/main.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"176951551851011751718028202221619626910",
"195871980496934538513236336995249591794",
"103266669591572515719691098852324293325",
"222652630275908858505189396166005895820"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-40130-a0124e53",
"target": {
"function": "test1_func",
"file": "tests/handover/epc-s1-test.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Function",
"digest": {
"function_hash": "201918200599648814786687545304731973004",
"length": 12106.0
},
"deprecated": false
},
{
"id": "CVE-2024-40130-a4173ec3",
"target": {
"file": "tests/common/context.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"186704945246640382608203876721878015921",
"114091301253074145641205101051178043717",
"36339021673168096668873648629187355658",
"161218068140578625951852186294668284240"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-40130-aaea2043",
"target": {
"file": "tests/sctp/abts-main.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"302662995217570811823611870755256422838",
"323966839750528128751737439362747821834",
"64768953978099450956343067253875221602",
"281941459458444152878084850471822627382"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-40130-b0b33665",
"target": {
"file": "tests/common/ngap-build.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"116659490446893823017019200695678393917",
"79155143488638194747394920411175188877",
"27987476925490013948263732699249852647",
"322930851799905977676217919473389213595",
"12057441684375098201047445754656163622",
"88983930305413259994140878005591645558",
"281620815804622846331105661488990380397",
"231014372277965498447067209830904405006",
"299579964469367744666440756244218579611",
"139308806728265367684773771038766022004",
"227609587958178750566022892070826044538",
"135041967113963115640268907270545566825",
"233182864593096844101854355927104149046",
"298581120933616891235702989758209541584",
"68753564710021030449041836499451530452",
"165591666946136473735186111040694904328",
"164168858087267536584319769318564171513",
"92502922505081348133862083688473026424",
"82068159318242033448971515533465721149",
"111904120520913989783166994199753839301",
"314785423874419133644542781317382467464",
"39115374917781303177790145389644351721",
"47877690765570475417683284641930637774",
"332529922163784799893039828516235242236",
"117254840445652509502698743245317486265",
"51634600669437966308376853326301323410",
"86813269195299600815014703870953162733",
"60570763418914535285087357356603108",
"81081993800965593414815461898162518509",
"62512921440618412260910400113796306171",
"16818854578816860201020964701713882138",
"57355000671557151486905753889602385706",
"240751953352288330840115400459664618676",
"214222214652233206404330893361428082743",
"11369006982806158958115897990153032309",
"284973055154799167012875993723494754187",
"61076518103985136009053140387872102273",
"266971355880373757606096195767068965274",
"291792146387025120587346694900006715586",
"8304704994643582985550431704329576865",
"247568189785355423092323651100096836783",
"79155143488638194747394920411175188877",
"230934849542515400375331788106961354698",
"266032890838496490700977193499373099115",
"147586422729060295790981714256806915881",
"244006178095063886741968236029671104461",
"334795626618071753911099779369254833537",
"231014372277965498447067209830904405006",
"299579964469367744666440756244218579611",
"139308806728265367684773771038766022004",
"227609587958178750566022892070826044538",
"135041967113963115640268907270545566825",
"233182864593096844101854355927104149046",
"298581120933616891235702989758209541584",
"68753564710021030449041836499451530452",
"165591666946136473735186111040694904328",
"164168858087267536584319769318564171513",
"92502922505081348133862083688473026424",
"82068159318242033448971515533465721149",
"111904120520913989783166994199753839301",
"314785423874419133644542781317382467464",
"247752403480162690336814046199611434253",
"125286417432185993322346636228962963067",
"7147754221284415233580193396758615113",
"89389642021035794868785688803693121444",
"271747251321630053669303882615516131366",
"51634600669437966308376853326301323410",
"86813269195299600815014703870953162733",
"60570763418914535285087357356603108",
"81081993800965593414815461898162518509",
"62512921440618412260910400113796306171",
"16818854578816860201020964701713882138",
"57355000671557151486905753889602385706",
"240751953352288330840115400459664618676",
"214222214652233206404330893361428082743",
"11369006982806158958115897990153032309",
"284973055154799167012875993723494754187",
"61076518103985136009053140387872102273",
"229172807433057516536892485721847503701",
"246952794759850710730864501228669540623",
"84884260535201612046103975056116037127"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-40130-b4a8cd01",
"target": {
"function": "test_gtpu_send_indirect_data_forwarding",
"file": "tests/common/gtpu.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Function",
"digest": {
"function_hash": "223534098323674493128617698306891676892",
"length": 678.0
},
"deprecated": false
},
{
"id": "CVE-2024-40130-c3f3b681",
"target": {
"function": "testngap_build_ran_configuration_update",
"file": "tests/common/ngap-build.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Function",
"digest": {
"function_hash": "320090986501407300723661448568725140928",
"length": 2280.0
},
"deprecated": false
},
{
"id": "CVE-2024-40130-cd102e98",
"target": {
"file": "tests/app/app-init.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"146477149246158874347334131100993031756",
"39865317697276840879638238590515094514",
"37283656352135825151018747821257480031",
"47404898621585763836316622503841697658"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-40130-dc1c215f",
"target": {
"file": "tests/app/5gc-init.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"146477149246158874347334131100993031756",
"39865317697276840879638238590515094514",
"37283656352135825151018747821257480031",
"47404898621585763836316622503841697658"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-40130-e489a9c3",
"target": {
"file": "tests/handover/epc-s1-test.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"283972098692837532271015230988639164723",
"333547237823104570004050971523990224313",
"232477549075862229654509947939554236100",
"266570509656154265300042132138730302559",
"207353000067458912351038311581741833705",
"316467673776116320149843850907737225888",
"331959787136523407481858706005508106737"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-40130-e5b9bf31",
"target": {
"file": "tests/crypt/abts-main.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"302662995217570811823611870755256422838",
"323966839750528128751737439362747821834",
"64768953978099450956343067253875221602",
"281941459458444152878084850471822627382"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-40130-e6510832",
"target": {
"file": "tests/core/abts-main.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"302662995217570811823611870755256422838",
"323966839750528128751737439362747821834",
"64768953978099450956343067253875221602",
"281941459458444152878084850471822627382"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2024-40130-e76e6f4a",
"target": {
"function": "testngap_build_ng_setup_request",
"file": "tests/common/ngap-build.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Function",
"digest": {
"function_hash": "296795352090053790469644051733961367473",
"length": 3532.0
},
"deprecated": false
},
{
"id": "CVE-2024-40130-f31280da",
"target": {
"file": "tests/common/application.c"
},
"signature_version": "v1",
"source": "https://github.com/open5gs/open5gs/commit/2f8ae91b0b9467f94f128090c88cae91bd73e008",
"signature_type": "Line",
"digest": {
"line_hashes": [
"287610240197529692263774773835873995984",
"167256351247365243693921479414699825252",
"121142551566868297395414009052075341982",
"133652398469746946802676887514402165988"
],
"threshold": 0.9
},
"deprecated": false
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-40130.json"
"2026-04-12T08:40:52Z"