-
RANsacked: Uncovering critical vulnerabilities in cellular network infrastructure TOP NEW
Image created with DALLE-3 We discover 119 vulnerabilities in LTE/5G core infrastructure, each of which can result in persistent denial of cell service to an entire metropolitan area or city and some of which can be used to remotely compromise and access the cellular core. Our research covers seven LTE implementations (Open5GS, Magma, OpenAirI... Read More
-
CVE-2021-33912 and CVE-2021-33913: Heap overflows in email validation library LibSPF2 TOP NEW
Two bugs related to the parsing of SPF (Sender Policy Framework) records have been found in LibSPF2, a library commonly used to determine the validity of email received to a server. One of these bugs allows for relatively flexible memory corruption in the heap, while the other affects only up to four bytes past the end of an allocated buffer. Bo... Read More