-
CVSS Score
-Basic Information
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| github.com/free5gc/free5gc | go | < 3.0.5 |
Miggo AIRoot Cause AnalysisThe stack traces from the GitHub issue show multiple unhandled edge cases in NAS message processing: 1) Missing length checks for TLV structures lead to index/slice errors 2) Incomplete validation of security capability bitmask positions 3) Failure to handle malformed identity fields in conversion functions 4) LADN indicator processing causing resource exhaustion. These functions directly process untrusted NAS messages without proper input validation, enabling resource consumption attacks through crafted messages.