FlexRIC v2.0.0 uses a uint16_t counter for xapp_id...
High severity
Unreviewed
Published
Jun 1, 2026
to the GitHub Advisory Database
•
Updated Jun 2, 2026
Description
Published by the National Vulnerability Database
Jun 1, 2026
Published to the GitHub Advisory Database
Jun 1, 2026
Last updated
Jun 2, 2026
FlexRIC v2.0.0 uses a uint16_t counter for xapp_id assignment but stores the value in uint32_t message fields. After 65,530+ E42_SETUP_REQUESTs, the 16-bit counter wraps around and produces duplicate xapp_ids. The iApp (port 36422) crashes when attempting to register a duplicate ID in its internal data structure. A remote attacker can trigger this by repeatedly connecting and requesting new xApp registrations.
References