{"id":"CVE-2026-9299","summary":"omec-project amf handler.go PDUSessionResourceModifyIndication memory corruption","details":"A flaw has been found in omec-project amf up to 2.1.1. Affected by this issue is the function PDUSessionResourceModifyIndication of the file /go/src/amf/ngap/handler.go. This manipulation causes memory corruption. Remote exploitation of the attack is possible. The exploit has been published and may be used. Applying a patch is the recommended action to fix this issue.","aliases":["GHSA-m9r6-r5c3-jw4j","GO-2026-5843"],"modified":"2026-07-08T08:11:38.785137389Z","published":"2026-05-23T11:00:14.603Z","database_specific":{"cwe_ids":["CWE-119"],"cna_assigner":"VulDB","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/9xxx/CVE-2026-9299.json"},"references":[{"type":"WEB","url":"https://github.com/omec-project/amf/"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/9xxx/CVE-2026-9299.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-9299"},{"type":"ADVISORY","url":"https://vuldb.com/submit/811829"},{"type":"ADVISORY","url":"https://vuldb.com/vuln/365246"},{"type":"REPORT","url":"https://github.com/omec-project/amf/issues/681"},{"type":"REPORT","url":"https://vuldb.com/vuln/365246/cti"},{"type":"FIX","url":"https://github.com/omec-project/amf/pull/666"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/omec-project/amf","events":[{"introduced":"ce8596eeaee034103bfc8ca7b480eb2a50b0a41b"},{"last_affected":"38829182db3a0de15350f6ec761ce36f9b5c3c75"}],"database_specific":{"source":"AFFECTED_FIELD","extracted_events":[{"introduced":"2.1.0"},{"last_affected":"2.1.0"},{"introduced":"2.1.1"},{"last_affected":"2.1.1"}]}}],"versions":["2.1.0","2.1.1","v2.1.1","v2.1.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-9299.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}]}