CVE-2024-49944
Published: Oct 21, 2024
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start In sctp_listen_start() invoked by sctp_inet_listen(), it should set the sk_state back to CLOSED if sctp_autobind() fails due to whatever reason. Otherwise, next time when calling sctp_inet_listen(), if sctp_sk(sk)->reuse is already set via setsockopt(SCTP_REUSE_PORT), sctp_sk(sk)->bind_hash will be dereferenced as sk_state is LISTENING, which causes a crash as bind_hash is NULL. KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] RIP: 0010:sctp_inet_listen+0x7f0/0xa20 net/sctp/socket.c:8617 Call Trace: <TASK> __sys_listen_socket net/socket.c:1883 [inline] __sys_listen+0x1b7/0x230 net/socket.c:1894 __do_sys_listen net/socket.c:1902 [inline]
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 5e8f3f703ae4e4af65e2695e486b3cd198328863 - < 89bbead9d897c77d0b566349c8643030ff2abebaaffected 5e8f3f703ae4e4af65e2695e486b3cd198328863 - < 0e4e2e60556c6ed00e8450b720f106a268d23062affected 5e8f3f703ae4e4af65e2695e486b3cd198328863 - < dd70c8a89ef99c3d53127fe19e51ef47c3f860faaffected 5e8f3f703ae4e4af65e2695e486b3cd198328863 - < e7a8442195e8ebd97df467ce4742980ab57edcceaffected 5e8f3f703ae4e4af65e2695e486b3cd198328863 - < 9230a59eda0878d7ecaa901d876aec76f57bd455+4 more versions |
Linux | Linux | affected 2.6.30unaffected 0 - < 2.6.30unaffected 4.19.323 - <= 4.19.*unaffected 5.4.285 - <= 5.4.*unaffected 5.10.227 - <= 5.10.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now