CVE-2024-24444
Published: 21 January 2025
Summary
CVE-2024-24444 is a high-severity Missing Release of File Descriptor or Handle after Effective Lifetime (CWE-775) vulnerability in Cellularsecurity (inferred from references). Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Service Exhaustion Flood (T1499.002). The CVE is ranked in the top 48.4% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SC-6 (Resource Availability).
Deeper analysis
CVE-2024-24444 involves improper file descriptor handling for closed connections in OpenAirInterface CN5G AMF (oai-cn5g-amf) up to version 2.0.0. This vulnerability affects the N2 interface of the software, allowing attackers to trigger a Denial of Service (DoS) by repeatedly establishing SCTP connections. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and maps to CWE-775 (Missing Release of File Descriptor or Handle after Effective Lifetime). The issue was published on 2025-01-21.
Remote attackers with network access to the N2 interface can exploit this vulnerability without privileges, authentication, or user interaction due to its low attack complexity. By repeatedly establishing SCTP connections, which are not properly handled upon closure, attackers exhaust available file descriptors. This results in a High-impact availability disruption, preventing the AMF from processing legitimate connections and effectively denying service to the component.
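The weakness class described above (CWE-775), shown as a leaking handler beside its corrected form. This is an added illustration, not code from oai-cn5g-amf: it uses a UNIX `socketpair` as a stand-in for an SCTP association, and the function names are hypothetical.

```c
/* Added illustration of CWE-775; NOT code from oai-cn5g-amf.
 * Assumption: a UNIX socketpair stands in for an SCTP association. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Count descriptors currently open in this process in the range 0..limit-1. */
static int count_open_fds(int limit) {
    int n = 0;
    for (int fd = 0; fd < limit; fd++)
        if (fcntl(fd, F_GETFD) != -1 || errno != EBADF)
            n++;
    return n;
}

/* Serve one connection until the peer closes it. Returns 0 on clean EOF. */
static int serve_until_eof(int conn, int release_on_close) {
    char buf[64];
    ssize_t r;
    while ((r = read(conn, buf, sizeof buf)) > 0)
        ;                   /* a real server would parse the message here */
    if (release_on_close)
        close(conn);        /* the fix: release the descriptor on EOF or error */
    return r == 0 ? 0 : -1; /* without the close, conn stays allocated forever */
}

/* Run n connect/close cycles; return how many descriptors remain open. */
int leaked_after(int n, int release_on_close) {
    int before = count_open_fds(1024);
    for (int i = 0; i < n; i++) {
        int sv[2];
        if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
            return -1;      /* e.g. EMFILE once the descriptor table is full */
        close(sv[1]);       /* constructed peer side closes immediately */
        serve_until_eof(sv[0], release_on_close);
    }
    return count_open_fds(1024) - before;
}

int main(void) {
    int fixed = leaked_after(64, 1);
    int leaky = leaked_after(64, 0);
    printf("with close on EOF: %d leaked; without: %d leaked\n", fixed, leaky);
    return 0;
}
```

Each closed connection that is not released costs one descriptor permanently, so the per-process limit (`RLIMIT_NOFILE`) is eventually reached and new connections fail.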
Advisories and further details are available from OpenAirInterface at http://openairinterface.com and Cellular Security research at https://cellularsecurity.org/ransacked. Security practitioners should consult these sources for any recommended mitigations, such as software updates beyond version 2.0.0 or configuration hardening to limit connection rates.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-21863
Vulnerability details
Improper file descriptor handling for closed connections in OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) by repeatedly establishing SCTP connections with the N2 interface.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
This CVE enables a resource exhaustion DoS against the AMF service via repeated SCTP connection establishment, which maps directly to service exhaustion flood and application exploitation for endpoint DoS.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
SC-5 directly prevents DoS attacks by limiting the effects of repeated SCTP connection establishments that exhaust file descriptors on the N2 interface.
SC-6 protects resource availability by enforcing allocation methods and limits on file descriptors to mitigate exhaustion from improperly handled closed connections.
SC-7 enforces boundary protection at the N2 interface to monitor, control, and rate-limit incoming SCTP connections, reducing the risk of descriptor exhaustion.