AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2024-24450: Stack-based memcpy buffer overflow in the ngap_handle_pdu_session_resource_setup_response routine in OpenAirInterface CN

mediumvulnerability

security

Source: NVD/CVE DatabaseNovember 15, 2024CVE-2024-24450

Summary

OpenAirInterface CN (a 5G network software) versions 2.0.0 and earlier contain a stack-based buffer overflow (a memory safety bug where data overflows allocated memory space) in a function that handles network messages, allowing remote attackers to crash the system or potentially run unauthorized code by sending specially crafted network packets. The vulnerability affects the N2 interface (the connection between radio access networks and the core network).

Vulnerability Details

CVSS Score

5.3(medium)

EPSS (30-day exploit probability)

EPSS: 9.4%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-120

CAPEC (Attack Pattern)

CAPEC-100

Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-24450

First tracked: February 15, 2026 at 08:49 PM

Classified by LLM (prompt v3) · confidence: 95%