CVE-2024-24417

HighPublic PoC

Published: 21 January 2025

Published

21 January 2025

Modified

14 March 2025

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score 0.0017 37.6th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Description

The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_protocol_configuration_options function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Security Summary

CVE-2024-24417 is a buffer overflow vulnerability affecting the Linux Foundation's Magma project in versions up to and including 1.8.0. The flaw exists in the decode_protocol_configuration_options function within the file /3gpp/3gpp_24.008_sm_ies.c. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and maps to CWE-125 (Out-of-bounds Read) and CWE-120 (Buffer Copy without Checking Size of Input).

The vulnerability can be exploited remotely by unauthenticated attackers with network access, requiring low complexity and no user interaction. By crafting and transmitting a malicious NAS packet, an attacker can trigger the buffer overflow, resulting in a Denial of Service (DoS) that crashes the affected component and disrupts service availability.

Mitigation is available in Magma version 1.9 through commit 08472ba98b8321f802e95f5622fa90fec2dea486. Security practitioners should update to this fixed version or apply the patch. Further details on the advisory are provided at https://cellularsecurity.org/ransacked.

Details

CWE(s): CWE-125CWE-120

Affected Products

linuxfoundation

magma

≤ 1.8.0

References

https://cellularsecurity.org/ransacked
Exploit, Third Party Advisory · cve@mitre.org