AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2024-24449: An uninitialized pointer dereference in the NasPdu::NasPdu component of OpenAirInterface CN5G AMF up to v2.0.0 allows at

mediumvulnerability

security

Source: NVD/CVE DatabaseNovember 15, 2024CVE-2024-24449

Summary

CVE-2024-24449 is a vulnerability in OpenAirInterface CN5G AMF (a 5G network component) up to version 2.0.0 where an uninitialized pointer dereference (using a pointer variable that hasn't been set to a valid memory address) in the NasPdu::NasPdu component can be exploited. An attacker can send a specially crafted InitialUEMessage to cause a Denial of Service (DoS, making the service unavailable to legitimate users).

Vulnerability Details

CVSS Score

6.5(medium)

EPSS (30-day exploit probability)

EPSS: 0.2%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-824

Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-24449

First tracked: February 15, 2026 at 08:49 PM

Classified by LLM (prompt v3) · confidence: 95%