CVE-2024-24416

HighPublic PoC

Published: 21 January 2025

Published

21 January 2025

Modified

15 March 2025

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score 0.0017 37.6th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Description

The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_access_point_name_ie function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Security Summary

CVE-2024-24416 is a buffer overflow vulnerability (CWE-120) affecting the Linux Foundation's Magma project in versions up to and including 1.8.0. The flaw resides in the decode_access_point_name_ie function within the file /3gpp/3gpp_24.008_sm_ies.c. It has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high severity primarily due to its potential for availability disruption. The issue was fixed in Magma v1.9 via commit 08472ba98b8321f802e95f5622fa90fec2dea486.

Remote attackers with network access can exploit this vulnerability by sending a specially crafted Non-Access Stratum (NAS) packet to a vulnerable Magma instance. No authentication, privileges, or user interaction are required, and the attack has low complexity. Successful exploitation triggers the buffer overflow, leading to a Denial of Service (DoS) condition, such as application crashes or service unavailability, without impacting confidentiality or integrity.

Mitigation involves upgrading to Magma v1.9 or later, which includes the fixing commit. Additional details are available in the advisory at https://cellularsecurity.org/ransacked, published on 2025-01-21.

Details

CWE(s): CWE-120

Affected Products

linuxfoundation

magma

≤ 1.8.0

References

https://cellularsecurity.org/ransacked
Exploit, Third Party Advisory · cve@mitre.org