Cyber Posture

CVE-2024-24444

High

Published: 21 January 2025

Modified: 15 April 2026
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0028 (51.2th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Description

Improper file descriptor handling for closed connections in OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) by repeatedly establishing SCTP connections with the N2 interface.

Security Summary

CVE-2024-24444 involves improper file descriptor handling for closed connections in OpenAirInterface CN5G AMF (oai-cn5g-amf) up to version 2.0.0. This vulnerability affects the N2 interface of the software, allowing attackers to trigger a Denial of Service (DoS) by repeatedly establishing SCTP connections. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and maps to CWE-775 (Allocation of File Descriptors or Handles Without Limits or Throttling). The issue was published on 2025-01-21.

Remote attackers with network access to the N2 interface can exploit this vulnerability without privileges, authentication, or user interaction, and the attack complexity is low. Because file descriptors for closed connections are not handled properly, repeatedly establishing SCTP connections exhausts the available file descriptors. The result is a High availability impact: the AMF can no longer process legitimate connections, which denies service to the component.

Advisories and further details are available from OpenAirInterface at http://openairinterface.com and Cellular Security research at https://cellularsecurity.org/ransacked. Security practitioners should consult these sources for any recommended mitigations, such as software updates beyond version 2.0.0 or configuration hardening to limit connection rates.
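The descriptor exhaustion described above can be watched for on the host that runs the AMF. The following Python monitor is an added example, not code from OpenAirInterface or from this advisory. It assumes a Linux `/proc` filesystem; the function names, the 0.8 warning ratio and the sample data are constructed for illustration.

```python
import os
import re

# Constructed sample of /proc/<pid>/limits (not captured from a real AMF host).
SAMPLE_LIMITS = """\
Limit                     Soft Limit           Hard Limit           Units
Max cpu time              unlimited            unlimited            seconds
Max open files            1024                 4096                 files
"""

def soft_nofile_limit(limits_text):
    """Return the soft 'Max open files' limit, or None if unlimited/missing."""
    m = re.search(r"^Max open files\s+(\S+)\s+(\S+)", limits_text, re.M)
    if not m or m.group(1) == "unlimited":
        return None
    return int(m.group(1))

def fd_pressure(fd_targets, limits_text, warn_ratio=0.8):
    """Summarise descriptor usage from readlink() targets of /proc/<pid>/fd/*."""
    limit = soft_nofile_limit(limits_text)
    total = len(fd_targets)
    # Sockets appear as "socket:[inode]"; a count that only grows suggests a leak.
    sockets = sum(1 for t in fd_targets if t.startswith("socket:["))
    ratio = (total / limit) if limit else 0.0
    return {"total": total, "sockets": sockets, "limit": limit,
            "ratio": ratio, "alert": ratio >= warn_ratio}

def snapshot(pid):
    """Read the live descriptor table of a process (Linux, needs permission)."""
    fd_dir = f"/proc/{pid}/fd"
    targets = []
    for name in os.listdir(fd_dir):
        try:
            targets.append(os.readlink(os.path.join(fd_dir, name)))
        except OSError:
            pass  # descriptor closed between listdir() and readlink()
    with open(f"/proc/{pid}/limits") as fh:
        return fd_pressure(targets, fh.read())

if __name__ == "__main__":
    # Constructed descriptor table: 3 ordinary files plus 900 socket entries.
    targets = ["/dev/null"] * 3 + [f"socket:[{50000 + i}]" for i in range(900)]
    print(fd_pressure(targets, SAMPLE_LIMITS))
```

Run `snapshot(pid)` periodically against the AMF process and alert when `alert` is true or when `sockets` keeps rising while the number of connected gNBs stays flat.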

Details

CWE(s): CWE-775
