FlexRIC Duplicate E2 Setup Request Assertion Crash Vulnerability

A denial-of-service vulnerability has been identified in FlexRIC version 2.0.0. The issue arises when the application receives duplicate E2_SETUP_REQUEST messages from the same or a spoofed E2 node. The iApp registry incorrectly handles duplicate node IDs by using an assertion to enforce uniqueness, rather than rejecting duplicates gracefully. This flaw allows a remote, unauthenticated attacker to crash the iApp process by sending two E2_SETUP_REQUESTs with identical E2 node configurations, causing the application to abort.

Impact

Exploitation of this vulnerability leads to a crash of the iApp process, causing a denial-of-service condition.

Reproduction

To reproduce this vulnerability, send two E2_SETUP_REQUEST messages with the same GlobalE2node_ID to the near-RT RIC over SCTP on port 36421. The second request will trigger the assertion in the E2 node registry, causing the process to abort.

Remediation

No upstream fix was available at the time of publication. Operators are advised to restrict E2 SCTP access to trusted nodes. The registry should be modified to handle E2 setup requests idempotently or return a duplicate-registration error instead of asserting.