Description
FlexRIC v2.0.0 contains a reachable assertion in e2ap_create_pdu() triggered when ASN.1 PER decoding fails. A remote unauthenticated attacker can send any non-PER byte sequence (e.g., a single 0x00 byte) over SCTP to the near-RT RIC (port 36421) or iApp (port 36422) to crash the process via SIGABRT. The assertion is reached before any protocol-level validation occurs. All three E2AP protocol versions (v1.01, v2.03, v3.01) are affected.
Published: 2026-06-01
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

FlexRIC version 2.0.0 contains a reachable assertion in the e2ap_create_pdu() routine that is triggered when the ASN.1 PER decoder fails to parse incoming data. The assertion is reached before any protocol‑level validation, causing the process to abort with SIGABRT. An unauthenticated attacker can supply an arbitrary non‑PER byte sequence over SCTP to the near‑RT RIC (port 36421) or the iApp (port 36422), which results in a crash of the affected service. The vulnerability represents a denial of service that can be exploited remotely without authentication, potentially disrupting the operation of near‑RT RIC infrastructure and related services.

Affected Systems

The flaw affects FlexRIC v2.0.0, with all supported E2AP protocol versions (v1.01, v2.03, v3.01) impacted. The vulnerable points are the SCTP listeners on TCP ports 36421 (near‑RT RIC) and 36422 (iApp). No specific vendor or product naming beyond FlexRIC is provided.

Risk and Exploitability

The flaw is exploitable by an unauthenticated attacker who can send any crafted byte sequence over SCTP to the exposed ports. No EPSS score is available and the flaw is not listed in KEV, but the immediate availability of the crash vector makes the risk high from an availability perspective. The CVSS score is not provided, yet the denial of service nature warrants prioritization of remediation.

Generated by OpenCVE AI on June 1, 2026 at 20:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade FlexRIC to a version that resolves the assertion failure.
  • If an update is not immediately possible, block or filter SCTP traffic on ports 36421 and 36422 to prevent the crafted inputs from reaching the vulnerable process.
  • Monitor system logs for abnormal SIGABRT events and review application health metrics to detect potential exploitation attempts.

Generated by OpenCVE AI on June 1, 2026 at 20:28 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 01 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
Title Remote Assertion Failure in FlexRIC Causing Process Crash via SCTP
Weaknesses CWE-385

Mon, 01 Jun 2026 19:00:00 +0000

Type Values Removed Values Added
Description FlexRIC v2.0.0 contains a reachable assertion in e2ap_create_pdu() triggered when ASN.1 PER decoding fails. A remote unauthenticated attacker can send any non-PER byte sequence (e.g., a single 0x00 byte) over SCTP to the near-RT RIC (port 36421) or iApp (port 36422) to crash the process via SIGABRT. The assertion is reached before any protocol-level validation occurs. All three E2AP protocol versions (v1.01, v2.03, v3.01) are affected.
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-01T17:02:16.099Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-37229

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-01T19:16:33.293

Modified: 2026-06-01T19:16:33.293

Link: CVE-2026-37229

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-01T20:30:17Z

Weaknesses