CVE-2026-33904: Ella Core has a Denial of Service via SCTP connection cleanup deadlock
(updated )
A deadlock in the AMF’s SCTP notification handler causes the entire AMF control plane to hang until the process is restarted.
References
- github.com/advisories/GHSA-9h59-p45g-445h
- github.com/ellanetworks/core
- github.com/ellanetworks/core/commit/999f606c5cae261471d9e3f063d7ecd1bd754076
- github.com/ellanetworks/core/releases/tag/v1.7.0
- github.com/ellanetworks/core/security/advisories/GHSA-9h59-p45g-445h
- nvd.nist.gov/vuln/detail/CVE-2026-33904
Code Behaviors & Features
Detect and mitigate CVE-2026-33904 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →