Description
A vulnerability was found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGReset Message Handler. Performing a manipulation results in memory corruption. The attack is possible to be carried out remotely. The exploit has been made public and could be used. It is recommended to apply a patch to fix this issue.
References (6)
Core 6
Core References
Vdb Entry vdb-entry
VDB-365248 | omec-project amf NGReset Message memory corruption
https://vuldb.com/vuln/365248
Signature, Permissions Required signature
permissions-required
VDB-365248 | CTI Indicators (IOB, IOC)
https://vuldb.com/vuln/365248/cti
Third Party Advisory third-party-advisory
Submit #811842 | Linux Foundation Projects SD-Core 2.1.1 Memory Corruption
https://vuldb.com/submit/811842
Exploit exploit
issue-tracking
https://github.com/omec-project/amf/issues/678
Patch issue-tracking
patch
https://github.com/omec-project/amf/pull/666
Product product
https://github.com/omec-project/amf/
Scores
CVSS v3
6.3
EPSS
0.0030
EPSS Percentile
21.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-119
Status
published
Products (2)
omec-project/amf
2.1.0
omec-project/amf
2.1.1
Published
May 23, 2026
Tracked Since
May 23, 2026