Low severityGHSA Advisory· Published May 11, 2026· Updated May 11, 2026

Ella Core has handover failures during concurrent Security Mode Command

CVE-2026-44474

Description

Summary

Ella Core didn't enforce security rules on concurrent running of security procedures defined in TS 33.501 §6.9.5.1 — it could send a NAS Security Mode Command while an N2 handover was still pending (and vice versa).

Impact

Concurrent Security Mode Command and N2 handover produce a KgNB mismatch between the UE and target gNB, causing the handover to fail. Requires a stalled gNB + re-registration race to trigger.

Fix

Ella Core now enforces both rules from §6.9.5.1, blocking concurrent Security Mode Command and N2 handover procedures.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
github.com/ellanetworks/coreGo	< 1.10.0	1.10.0

Affected products

Ellanetworks/CoreGHSA
Range: < 1.10.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/advisories/GHSA-mc29-hmx6-856qghsaADVISORY
github.com/ellanetworks/core/security/advisories/GHSA-mc29-hmx6-856qghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.065
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000