Description
A flaw has been found in Open5GS up to 2.7.7. This impacts the function _gtpv1_u_recv_cb of the file src/upf/gtp-path.c of the component UPF. Executing a manipulation can lead to resource consumption. The attack may be performed remotely. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-05-09
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw exists in the _gtpv1_u_recv_cb function of the UPF component of Open5GS and allows an attacker to trigger uncontrolled resource consumption by sending manipulated GTPv1‑U packets. The vulnerability aligns with CWE‑400 (Uncontrolled Resource Consumption) and CWE‑404 (Improper Resource Control), resulting in excessive CPU or memory use that can degrade or crash the UPF service, effectively denying service to legitimate users.

Affected Systems

Open5GS versions up to and including 2.7.7 are affected. The vulnerability resides in the UPF (User Plane Function) code located in src/upf/gtp-path.c and applies to installations that expose GTP‑U traffic to the network.

Risk and Exploitability

With a CVSS score of 6.9 the vulnerability is categorized as medium severity, and its EPSS score is currently not available. It is not listed in CISA’s KEV catalog. The attack vector is inferred to be remote, as the description states the attack may be performed from a remote source. An attacker can craft malformed GTPv1‑U messages directed at the UPF and force it to allocate resources until exhaustion, leading to a denial of service. No additional exploitation prerequisites beyond sending crafted GTP traffic are documented in the current description.

Generated by OpenCVE AI on May 9, 2026 at 12:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a newer Open5GS release that contains a fix for GTPv1‑U resource exhaustion if one is available.
  • Restrict GTP‑U traffic to the UPF with firewall or ACL rules so that only trusted peers can send packets to the UDP port used by GTP‑U (2152).
  • Apply system‑level resource limits or cgroup quotas to the UPF process to cap CPU and memory usage and prevent a single process from exhausting system resources.

Generated by OpenCVE AI on May 9, 2026 at 12:20 UTC.

Advisories

No advisories yet.

History

Sat, 09 May 2026 11:15:00 +0000

Type | Values Removed | Values Added
Description | | A flaw has been found in Open5GS up to 2.7.7. This impacts the function _gtpv1_u_recv_cb of the file src/upf/gtp-path.c of the component UPF. Executing a manipulation can lead to resource consumption. The attack may be performed remotely. The project was informed of the problem early through an issue report but has not responded yet.
Title | | Open5GS UPF gtp-path.c _gtpv1_u_recv_cb resource consumption
First Time appeared | | Open5gs; Open5gs open5gs
Weaknesses | | CWE-400; CWE-404
CPEs | | cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*
Vendors & Products | | Open5gs; Open5gs open5gs
References | |
Metrics | | cvssV2_0: {'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:N/I:N/A:P/E:ND/RL:ND/RC:UR'}
 | | cvssV3_0: {'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:R'}
 | | cvssV3_1: {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:R'}
 | | cvssV4_0: {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-09T11:42:14.477Z

Reserved: 2026-05-08T19:47:09.540Z

Link: CVE-2026-8187

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-09T11:16:28.530

Modified: 2026-05-09T11:16:28.530

Link: CVE-2026-8187

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-09T12:30:33Z

Weaknesses