CVE-2025-15531

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-15531

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-15531.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-15531

Published

2026-01-17T16:16:05.003Z

Modified

2026-03-15T22:50:26.725903Z

Severity

5.5 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator

Summary

[none]

Details

A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwcbeareradd of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The issue report is flagged as already-fixed.

References

Affected packages

Git / github.com/open5gs/open5gs

Affected ranges

Type

GIT

Repo

https://github.com/open5gs/open5gs

Events

Introduced

Last affected

7dfd9a39649700c24c22f1978ed7a35541a72cca

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.7.5"
        }
    ]
}

Affected versions

v0.*

v0.1.0

v0.1.1

v0.2.0

v0.3.0

v0.3.1

v0.3.10

v0.3.11

v0.3.2

v0.3.3

v0.3.4

v0.3.5

v0.3.6

v0.3.7

v0.3.8

v0.3.9

v0.4.0

v0.4.1

v0.4.2

v0.4.3

v0.4.4

v0.5.0

v0.5.1

v0.5.2

v1.*

v1.0.0

v1.1.0

v1.2.0

v1.2.1

v1.2.2

v1.2.3

v1.2.4

v1.3.0

v2.*

v2.0.0

v2.0.18

v2.0.22

v2.1.0

v2.1.1

v2.1.3

v2.1.4

v2.1.5

v2.1.7

v2.2.0

v2.2.1

v2.2.6

v2.2.7

v2.2.8

v2.2.9

v2.3.0

v2.3.1

v2.3.2

v2.3.6

v2.4.0

v2.4.1

v2.4.3

v2.4.4

v2.4.5

v2.4.7

v2.4.8

v2.4.9

v2.6.1

v2.6.2

v2.6.3

v2.6.4

v2.6.6

v2.7.0

v2.7.1

v2.7.2

v2.7.5

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-15531.json"