CVE-2025-69248

UNKNOWN 0.0

free5GC has Array Index Out of Bounds in AMF Leading to Denial of Service

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

free5GC is an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 of free5GC's AMF service have a Buffer Overflow vulnerability leading to Denial of Service. Remote unauthenticated attackers can crash the AMF service by sending a specially crafted NAS Registration Request with a malformed 5GS Mobile Identity, causing complete denial of service for the 5G core network. All deployments of free5GC using the AMF component may be affected. Pull request 43 of the free5gc/nas repo contains a fix. No direct workaround is available at the application level. Applying the official patch is recommended.

CWE	CWE-129
Vendor	free5gc
Product	amf
Published	Feb 23, 2026
Last Updated	Feb 25, 2026

Stay Ahead of the Next One

Get instant alerts for free5gc amf

Be the first to know when new unknown vulnerabilities affecting free5gc amf are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

free5gc / amf

<= 1.4.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/free5gc/free5gc/security/advisories/GHSA-h6xc-8vvf-jcjp github.com: https://github.com/free5gc/free5gc/issues/747 github.com: https://github.com/free5gc/nas/pull/43 github.com: https://github.com/free5gc/nas/commit/0329a7ac3f314f210366c1b3c33dc29eded4ac5f