CVE-2026-7585 Overview
CVE-2026-7585 affects Open5GS releases up to and including version 2.7.7. The flaw resides in the amf_nudm_sdm_handle_provisioned function in /src/amf/nudm-handler.c, part of the Access and Mobility Management Function (AMF) component. An authenticated remote attacker can manipulate input to this handler and trigger a denial of service condition. The issue is classified under [CWE-404] (Improper Resource Shutdown or Release). The exploit details have been publicly disclosed. The Open5GS project received an issue report but has not yet responded at the time of publication.
Critical Impact
Remote attackers with low privileges can disrupt 5G core network availability by crashing or destabilizing the AMF service, affecting subscriber mobility and session management.
Affected Products
- Open5GS versions up to and including 2.7.7
- Open5GS AMF (Access and Mobility Management Function) component
- Deployments running the amf_nudm_sdm_handle_provisioned handler in nudm-handler.c
Discovery Timeline
- 2026-05-01 - CVE-2026-7585 published to NVD
- 2026-05-07 - Last updated in NVD database
Technical Details for CVE-2026-7585
Vulnerability Analysis
The vulnerability lives in the AMF component of Open5GS, an open-source implementation of 5G Core and EPC. The AMF handles registration, connection, reachability, and mobility management for 5G subscribers. The amf_nudm_sdm_handle_provisioned function processes Subscription Data Management (SDM) responses from the Unified Data Management (UDM) network function over the Nudm interface.
The weakness maps to [CWE-404], indicating improper resource shutdown or release. When the function receives crafted or unexpected inputs during the provisioned subscription data exchange, it fails to release or properly handle resources. This leads to a denial of service condition that interrupts the AMF service.
Because the AMF is central to 5G control-plane operations, disruption affects subscriber registration, paging, and mobility procedures across the served network slice.
Root Cause
The root cause is improper handling of resources within amf_nudm_sdm_handle_provisioned when processing SDM provisioned data messages. Insufficient validation or cleanup logic causes the AMF process to enter a faulty state when specific message conditions occur. Refer to GitHub Open5GS Issue #4403 for the public technical discussion.
Attack Vector
The attack vector is network-based and requires low privileges (PR:L). An attacker capable of sending traffic that reaches the AMF Nudm interface — for example, a compromised or rogue UDM, a misconfigured service mesh peer, or an adversary with foothold inside the service-based architecture (SBA) — can deliver the malicious message. No user interaction is required. The result is a partial availability impact (VA:L) on the AMF without compromise of confidentiality or integrity.
No verified proof-of-concept code is published in the references. The vulnerability mechanism is described in the linked VulDB Vulnerability #360533 entry and the associated Open5GS issue tracker.
Detection Methods for CVE-2026-7585
Indicators of Compromise
- Unexpected AMF process crashes, restarts, or hangs correlated with inbound Nudm SDM traffic
- Repeated or malformed Nudm_SDM_GetSharedData or provisioned subscription data responses arriving at the AMF
- Loss of registration and mobility services for UEs served by the affected AMF instance
Detection Strategies
- Monitor AMF logs for errors originating in amf_nudm_sdm_handle_provisioned or the nudm-handler.c code path
- Inspect HTTP/2 traffic on the Service Based Interface (SBI) for malformed SDM payloads targeting the AMF
- Track service health metrics for the AMF pod or process and alert on abnormal restart counts
Monitoring Recommendations
- Enable verbose logging on Open5GS AMF and forward logs to a central analytics platform for correlation
- Set thresholds on AMF availability and SBI request error rates to detect denial-of-service patterns early
- Audit which network functions and tenants are authorized to communicate with the AMF on the Nudm interface
How to Mitigate CVE-2026-7585
Immediate Actions Required
- Inventory all Open5GS deployments and confirm whether any instance runs version 2.7.7 or earlier
- Restrict network reachability to the AMF SBI so only trusted UDM peers within the 5G core can initiate Nudm sessions
- Apply mutual TLS and OAuth2 token validation between SBI peers to limit who can deliver SDM responses
- Track the GitHub Open5GS Repository for an upstream fix and apply it once released
Patch Information
No official patch is available at the time of publication. The Open5GS maintainers have been notified through GitHub Open5GS Issue #4403 but have not responded. Operators should subscribe to the repository and the issue tracker for updates and rebuild from source once a fix is committed.
Workarounds
- Place the AMF behind a service mesh or API gateway that validates and rate-limits Nudm SDM messages
- Segment the 5G core control plane so external networks cannot reach the AMF SBI directly
- Configure process supervisors (systemd, Kubernetes liveness probes) to automatically restart the AMF if it crashes, reducing downtime while a patch is pending
- Consider rolling back to an earlier known-stable release only if testing confirms the issue is not present in that version
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
