CVE-2024-50299
Published: Nov 19, 2024
Modified: May 12, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb() A size validation fix similar to that in Commit 50619dbf8db7 ("sctp: add size validation when walking chunks") is also required in sctp_sf_ootb() to address a crash reported by syzbot: BUG: KMSAN: uninit-value in sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712 sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712 sctp_do_sm+0x181/0x93d0 net/sctp/sm_sideeffect.c:1166 sctp_endpoint_bh_rcv+0xc38/0xf90 net/sctp/endpointola.c:407 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88 sctp_rcv+0x3831/0x3b20 net/sctp/input.c:243 sctp4_rcv+0x42/0x50 net/sctp/protocol.c:1159 ip_protocol_deliver_rcu+0xb51/0x13d0 net/ipv4/ip_input.c:205 ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 67b9a278b80f71ec62091ded97c6bcbea33b5ec3affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 9b5d42aeaf1a52f73b003a33da6deef7df34685faffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 40b283ba76665437bc2ac72079c51b57b25bff9eaffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < a758aa6a773bb872196bcc3173171ef8996bddf0affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < bf9bff13225baf5f658577f7d985fc4933d79527+3 more versions |
Linux | Linux | affected 2.6.12unaffected 0 - < 2.6.12unaffected 4.19.324 - <= 4.19.*unaffected 5.4.286 - <= 5.4.*unaffected 5.10.230 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now