Ella Core vulnerable to Unauthenticated AMF DoS via malformed InitialUEMessage with undersized integrity-protected NAS payload

GHSA-m9pm-w3gv-c68f · CVE-2026-32319 · GO-2026-4692

Published Mar 12, 2026 · Modified Mar 23, 2026

Description

Summary

Ella Core panics when processing a malformed integrity protected NGAP/NAS message with a length under 7 bytes.

Impact

An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all connected subscribers. No authentication is required.

Fix

Added length verification to NAS message handling.

References

WEB https://github.com/ellanetworks/core/security/advisories/GHSA-m9pm-w3gv-c68f
ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2026-32319
PACKAGE https://github.com/ellanetworks/core
WEB https://github.com/ellanetworks/core/releases/tag/v1.5.1
WEB https://pkg.go.dev/vuln/GO-2026-4692

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes