medium
5.5
Advisory Published
Updated

CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start

First published: Mon Oct 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start In sctp_listen_start() invoked by sctp_inet_listen(), it should set the sk_state back to CLOSED if sctp_autobind() fails due to whatever reason. Otherwise, next time when calling sctp_inet_listen(), if sctp_sk(sk)->reuse is already set via setsockopt(SCTP_REUSE_PORT), sctp_sk(sk)->bind_hash will be dereferenced as sk_state is LISTENING, which causes a crash as bind_hash is NULL. KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] RIP: 0010:sctp_inet_listen+0x7f0/0xa20 net/sctp/socket.c:8617 Call Trace: <TASK> __sys_listen_socket net/socket.c:1883 [inline] __sys_listen+0x1b7/0x230 net/socket.c:1894 __do_sys_listen net/socket.c:1902 [inline]

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux Kernel>=2.6.30<5.10.227
Linux Kernel>=5.11<5.15.168
Linux Kernel>=5.16<6.1.113
Linux Kernel>=6.2<6.6.55
Linux Kernel>=6.7<6.10.14
Linux Kernel>=6.11<6.11.3
Linux Kernel=6.12-rc1
debian/linux<=5.10.223-1<=5.10.226-1
6.1.123-1
6.1.128-1
6.12.12-1
6.12.15-1
debian/linux-6.1
6.1.119-1~deb11u1

Remedy

https://git.kernel.org/stable/c/0e4e2e60556c6ed00e8450b720f106a268d23062

Remedy

https://git.kernel.org/stable/c/7f64cb5b4d8c872296eda0fdce3bcf099eec7aa7

Remedy

https://git.kernel.org/stable/c/89bbead9d897c77d0b566349c8643030ff2abeba

Remedy

https://git.kernel.org/stable/c/8beee4d8dee76b67c75dc91fd8185d91e845c160

Remedy

https://git.kernel.org/stable/c/9230a59eda0878d7ecaa901d876aec76f57bd455

Remedy

https://git.kernel.org/stable/c/dd70c8a89ef99c3d53127fe19e51ef47c3f860fa

Remedy

https://git.kernel.org/stable/c/e7a8442195e8ebd97df467ce4742980ab57edcce

Remedy

https://git.kernel.org/stable/c/e914bf68dab88815a7ae7b7a3a5e8913c8ff14a5

Remedy

https://git.kernel.org/stable/c/f032e1dac30b3376c7d6026fb01a8c403c47a80d

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-49944?

    CVE-2024-49944 has been classified as a moderate severity vulnerability.

  • How do I fix CVE-2024-49944?

    To fix CVE-2024-49944, upgrade to the latest patched version of the Linux kernel as specified in the security advisory.

  • Which versions of the Linux kernel are affected by CVE-2024-49944?

    CVE-2024-49944 affects multiple versions of the Linux kernel, specifically versions from 2.6.30 up to 6.11.3, and some release candidates.

  • What impact does CVE-2024-49944 have on system security?

    CVE-2024-49944 can potentially lead to unexpected behavior in the state management of SCTP sockets, affecting network communication.

  • Is there a specific patch for CVE-2024-49944?

    Yes, the patch for CVE-2024-49944 is included in the newer releases of the Linux kernel that address the vulnerability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203