EURECOM FlexRIC
- 2.0.0
- 6a595d8b
A resource leak vulnerability has been identified in FlexRIC version 2.0.0. This issue arises because a single SCTP connection can bind multiple xapp_ids by sending multiple E42_SETUP_REQUEST messages. When the connection is disconnected, only the resources for the first registered xapp_id are cleaned up, leaving the subsequent xapp_ids and their associated subscriptions as stale entries. This vulnerability can be exploited by a remote attacker to leak subscription state in the iApp, potentially leading to resource exhaustion or state corruption over time.
Exploitation of this vulnerability causes stale xapp_id entries and subscriptions to accumulate, which can exhaust resources and corrupt state information in the iApp over time.
To reproduce this vulnerability, establish an SCTP connection to the iApp port 36422 and send multiple valid E42_SETUP_REQUEST messages over the same connection. The iApp will respond with different xapp_id values for the single SCTP association. Once the connection is closed, only one xapp_id is cleaned up, leaving the others and their subscription states as stale.
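The following C model is an added example, not FlexRIC source code. It contrasts a disconnect handler that frees only the first xapp_id of an SCTP association with one that frees all of them, and with a setup handler that refuses a second E42_SETUP_REQUEST on an already bound association. The table layout, the function names, association number 7 and the use of 0 as a failure value are assumptions made for illustration.

```c
#include <stdio.h>
#define MAX_XAPPS 16
/* Hypothetical iApp-side table, not FlexRIC's own structure: one row per
 * xapp_id, tagged with the SCTP association that registered it. */
typedef struct { int in_use; int assoc_id; unsigned xapp_id; } xapp_row_t;
typedef struct { xapp_row_t row[MAX_XAPPS]; unsigned next_id; } registry_t;

/* Count live xapp_ids owned by one association. */
size_t reg_count(const registry_t *r, int assoc_id) {
    size_t n = 0;
    for (size_t i = 0; i < MAX_XAPPS; i++)
        n += (r->row[i].in_use && r->row[i].assoc_id == assoc_id);
    return n;
}

/* Each E42_SETUP_REQUEST allocates a fresh xapp_id. With strict != 0, a second
 * request on an already-bound association is refused (returns 0). */
unsigned reg_setup(registry_t *r, int assoc_id, int strict) {
    if (strict && reg_count(r, assoc_id) > 0) return 0;
    for (size_t i = 0; i < MAX_XAPPS; i++)
        if (!r->row[i].in_use) {
            r->row[i] = (xapp_row_t){1, assoc_id, ++r->next_id};
            return r->row[i].xapp_id;
        }
    return 0; /* table full */
}
/* Disconnect handler. all == 0 models the reported behaviour (only the first
 * xapp_id is released); all != 0 releases every row. Returns rows freed. */
size_t reg_disconnect(registry_t *r, int assoc_id, int all) {
    size_t freed = 0;
    for (size_t i = 0; i < MAX_XAPPS; i++)
        if (r->row[i].in_use && r->row[i].assoc_id == assoc_id) {
            r->row[i].in_use = 0;
            freed++;
            if (!all) break;
        }
    return freed;
}
/* Constructed scenario: n setup requests on association 7, then a disconnect.
 * Returns the number of stale rows left behind. */
size_t stale_after(int n, int strict, int all) {
    registry_t r = {0};
    for (int i = 0; i < n; i++) reg_setup(&r, 7, strict);
    reg_disconnect(&r, 7, all);
    return reg_count(&r, 7);
}

int main(void) {
    printf("stale rows: first-only=%zu release-all=%zu one-id-per-assoc=%zu\n",
           stale_after(3, 0, 0), stale_after(3, 0, 1), stale_after(3, 1, 0));
    return 0;
}
```

Either fix alone leaves no stale rows in this model; applying both also bounds how many table rows a single association can occupy while it is still connected.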