AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2024-24442: A NULL pointer dereference in the ngap_app::handle_receive routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.

highvulnerability

security

Source: NVD/CVE DatabaseJanuary 21, 2025CVE-2024-24442

Summary

CVE-2024-24442 is a NULL pointer dereference (a crash caused by code trying to access memory that doesn't exist) in OpenAirInterface CN5G AMF (a component used in 5G mobile networks) up to version 2.0.0 that allows attackers to cause a Denial of Service (DoS, making a service unavailable) by sending a specially crafted NGAP message (a control message used in 5G networks).

Vulnerability Details

CVSS Score

7.5(high)

EPSS (30-day exploit probability)

EPSS: 0.4%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-476

Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-24442

First tracked: February 15, 2026 at 08:49 PM

Classified by LLM (prompt v3) · confidence: 95%