We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-50299

sctp: properly validate chunk size in sctp_sf_ootb()



Description

In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb() A size validation fix similar to that in Commit 50619dbf8db7 ("sctp: add size validation when walking chunks") is also required in sctp_sf_ootb() to address a crash reported by syzbot: BUG: KMSAN: uninit-value in sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712 sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712 sctp_do_sm+0x181/0x93d0 net/sctp/sm_sideeffect.c:1166 sctp_endpoint_bh_rcv+0xc38/0xf90 net/sctp/endpointola.c:407 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88 sctp_rcv+0x3831/0x3b20 net/sctp/input.c:243 sctp4_rcv+0x42/0x50 net/sctp/protocol.c:1159 ip_protocol_deliver_rcu+0xb51/0x13d0 net/ipv4/ip_input.c:205 ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233

Reserved 2024-10-21 | Published 2024-11-19 | Updated 2024-11-19 | Assigner Linux

Product status

Default status
unaffected

1da177e4c3f4 before 67b9a278b80f
affected

1da177e4c3f4 before 9b5d42aeaf1a
affected

1da177e4c3f4 before 40b283ba7666
affected

1da177e4c3f4 before a758aa6a773b
affected

1da177e4c3f4 before bf9bff13225b
affected

1da177e4c3f4 before d3fb3cc83cf3
affected

1da177e4c3f4 before 8820d2d6589f
affected

1da177e4c3f4 before 0ead60804b64
affected

Default status
affected

2.6.12
affected

Any version before 2.6.12
unaffected

4.19.324
unaffected

5.4.286
unaffected

5.10.230
unaffected

5.15.172
unaffected

6.1.117
unaffected

6.6.61
unaffected

6.11.8
unaffected

6.12
unaffected

References

git.kernel.org/stable/c/67b9a278b80f71ec62091ded97c6bcbea33b5ec3

git.kernel.org/stable/c/9b5d42aeaf1a52f73b003a33da6deef7df34685f

git.kernel.org/stable/c/40b283ba76665437bc2ac72079c51b57b25bff9e

git.kernel.org/stable/c/a758aa6a773bb872196bcc3173171ef8996bddf0

git.kernel.org/stable/c/bf9bff13225baf5f658577f7d985fc4933d79527

git.kernel.org/stable/c/d3fb3cc83cf313e4f87063ce0f3fea76b071567b

git.kernel.org/stable/c/8820d2d6589f62ee5514793fff9b50c9f8101182

git.kernel.org/stable/c/0ead60804b64f5bd6999eec88e503c6a1a242d41

cve.org (CVE-2024-50299)

nvd.nist.gov (CVE-2024-50299)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-50299

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.