P.3 Security aspects of ICMP

3GPP TS 33.501, Release 18: Security architecture and procedures for 5G System

ICMP (Internet Control Message Protocol) is part of the internet protocol (IP) suite. The lack of security in ICMP may be exploited to launch further attacks on the 3GPP system. To mitigate such attacks, it is recommended that the use of ICMP is restricted in the UE and the UPF (e.g., by default, use of ICMP is not allowed). In scenarios where the use of ICMP is required, it is recommended that one or more of the following mitigations be enforced:

– Disable the UE from responding to ICMP requests received over 3GPP network interface(s).

– Install IP filter(s) at the UPF in order to block ICMP messages. This filter can be activated either on a per N4 Session basis or on a UPF basis. For ICMPv6, the recommendations in RFC 4890 [85] can be used for filtering ICMPv6 messages.

– Limit the maximum size of ICMP messages (e.g., to 64 bytes). Any ICMP message that is greater than this limit needs to be dropped by the UE as well as by the UPF.
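The mitigations listed above, expressed as a per-packet filter decision (an added example, not text or code from TS 33.501). The function names, the `node` parameter, the return strings and the choice to drop fragmented ICMP are assumptions of this example; the 64-byte limit is the example value from the text, applied here to the ICMP message without its IP header.

```python
import struct

MAX_ICMP_LEN = 64                 # example limit from the text, in bytes
ECHO_REQUEST = {4: 8, 6: 128}     # ICMPv4 / ICMPv6 echo request type codes

def sample_ipv4_icmp(icmp_type: int, msg_len: int, frag: int = 0) -> bytes:
    """Constructed sample packet (checksums left zero; the filter ignores them)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + msg_len, 0, frag, 64, 1, 0,
                      bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return hdr + bytes([icmp_type]) + bytes(msg_len - 1)

def icmp_verdict(packet: bytes, node: str, icmp_allowed: bool = False):
    """Return (action, reason) for one IP packet seen at node 'UE' or 'UPF'."""
    if len(packet) < 20:
        return "drop", "truncated IP header"
    version = packet[0] >> 4
    if version == 4:
        ihl = (packet[0] & 0x0F) * 4
        total_len, _ident, frag = struct.unpack("!HHH", packet[2:8])
        if packet[9] != 1:                      # IPv4 protocol 1 = ICMP
            return "pass", "not ICMP"
        if ihl < 20 or total_len < ihl + 4 or total_len > len(packet):
            return "drop", "malformed ICMP packet"
        if frag & 0x3FFF:                       # MF flag or non-zero offset
            return "drop", "fragmented ICMP"    # a <=64-byte message never needs it
        msg = packet[ihl:total_len]
    elif version == 6:
        # Assumption: ICMPv6 directly follows the fixed 40-byte header;
        # extension headers are not walked here.
        payload_len = struct.unpack("!H", packet[4:6])[0]
        if packet[6] != 58:                     # IPv6 next header 58 = ICMPv6
            return "pass", "not ICMP"
        if payload_len < 4 or 40 + payload_len > len(packet):
            return "drop", "malformed ICMP packet"
        msg = packet[40:40 + payload_len]
    else:
        return "drop", "unknown IP version"
    if not icmp_allowed:                        # default: ICMP not allowed
        return "drop", "ICMP disabled by default"
    if len(msg) > MAX_ICMP_LEN:                 # enforced at UE and UPF alike
        return "drop", "ICMP message exceeds size limit"
    if node == "UE" and msg[0] == ECHO_REQUEST[version]:
        return "drop", "UE does not answer echo requests"
    return "pass", "ICMP within policy"

if __name__ == "__main__":
    for size in (32, 64, 65):
        print(size, icmp_verdict(sample_ipv4_icmp(8, size), "UPF", icmp_allowed=True))
```

For ICMPv6, a deployment following RFC 4890 would add per-type rules on top of this decision; the example only applies the size and echo-request checks to ICMPv6.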

Annex Q (informative):
Security and privacy in 5G system location services

Q.1 General

For security and privacy in 5GS LCS (5G System Location Services), the mechanisms defined in TS 23.273 [86] and TS 38.305 [87] apply.

Annex R (informative):
Authorization aspects in communication models for NF/NF services interaction

TS 23.501 [2], Annex E, summarizes the different communication models that NF and NF services can use to interact with each other.

Figures R-1 and R-2 provide an overview of the authorization aspects in the different models, as described in detail in clause 13.

Figure R-1: Illustration of authorization aspects in direct deployment models

Figure R-2: Illustration of authorization aspects in indirect deployment models

Annex S (normative):
Support for Non-seamless WLAN offload (NSWO) in 5GS