CVE-2026-33063

CVE-2026-33063 is an Improper Null Check vulnerability (CWE-476) in the AUSF component of free5GC, an open-source 5G core network implementation. AUSF versions prior to 1.4.2 are affected, including all deployments of free5GC v4.0.1 that utilize the UE authentication service at the `/nausf-auth/v1/ue-authentications` endpoint. The flaw occurs in the `GetSupiFromSuciSupiMap` function, which attempts an interface conversion from `interface{}` to `*context.SuciSupiMap` without checking if the underlying `SuciSupiMap` value is nil, triggering a panic with the error "interface conversion: interface {} is nil, not *context.SuciSupiMap" and leading to denial of service.

A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted UE authentication request to the affected endpoint, causing the AUSF service to panic and crash. This results in a complete denial of service for the AUSF authentication service, disrupting 5G core network authentication operations. The vulnerability carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), reflecting its high availability impact and ease of remote exploitation without privileges or user interaction.

free5GC AUSF version 1.4.2 patches the issue by addressing the nil check in the interface conversion. No direct application-level workaround exists, though restricting access to the AUSF API to trusted sources is recommended as a mitigation. Key resources include the patching commit (https://github.com/free5gc/ausf/commit/3b9ac4403c2756dc89a5ed3cdcefe688458588aa), pull request (https://github.com/free5gc/ausf/pull/52), issue discussion (https://github.com/free5gc/free5gc/issues/778), and GitHub security advisory (https://github.com/free5gc/free5gc/security/advisories/GHSA-4jrw-92fg-4jwx).