FlexRIC v2.0.0 crashes when receiving a duplicate E2SETUPREQUEST from the same or spoofed E2 Node. The iApp registry enforces node ID uniqueness via assert rather than graceful rejection. A remote unauthenticated attacker can crash the iApp process port 36421 by sending two E2SETUPREQUESTs with the same E2 node configuration, triggering SIGABRT...
Exploit
CVE-2026-37224
Vulners
Refer to CVE-2026-37224 NVD advisory