CVE-2024-24421

CriticalPublic PoC

Published: 21 January 2025

Published

21 January 2025

Modified

03 July 2025

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0018 39.8th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

A type confusion in the nas_message_decode function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted NAS packet.

Security Summary

CVE-2024-24421 is a type confusion vulnerability in the nas_message_decode function of Magma versions up to and including 1.8.0. Magma, an open-source platform for building access gateways and core networks in cellular deployments, is affected by this issue, which was published on 2025-01-21.

The vulnerability can be exploited remotely by unauthenticated attackers with low complexity and no user interaction, as reflected in its CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). By sending a crafted NAS packet, attackers can achieve arbitrary code execution or cause a denial of service. It is classified under CWE-94 (Code Injection).

The issue is fixed in Magma v1.9 via commit 08472ba98b8321f802e95f5622fa90fec2dea486. Additional details are available in the advisory at https://cellularsecurity.org/ransacked.

Details

CWE(s): CWE-94

Affected Products

linuxfoundation

magma

≤ 1.8.0

References

https://cellularsecurity.org/ransacked
Exploit, Third Party Advisory · cve@mitre.org