CVE-2024-57938
Published: Jan 21, 2025
Modified: May 11, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved:

net/sctp: Prevent autoclose integer overflow in sctp_association_init()

While by default max_autoclose equals INT_MAX / HZ, one may set net.sctp.max_autoclose to UINT_MAX. There is code in sctp_association_init() that can consequently trigger overflow.

| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected 9f70f46bd4c7267d48ef461a1d613ec9ec0d520c - < 94b7ed0a4896420988e1776942f0a3f67167873e; affected 9f70f46bd4c7267d48ef461a1d613ec9ec0d520c - < 081bdb3a31674339313c6d702af922bc29de2c53; affected 9f70f46bd4c7267d48ef461a1d613ec9ec0d520c - < f9c3adb083d3278f065a83c3f667f1246c74c31f; affected 9f70f46bd4c7267d48ef461a1d613ec9ec0d520c - < 7af63ef5fe4d480064eb22583b24ffc8b408183a; affected 9f70f46bd4c7267d48ef461a1d613ec9ec0d520c - < 271f031f4c31c07e2a85a1ba2b4c8e734909a477; +2 more versions |
| Linux | Linux | affected 3.13; unaffected 0 - < 3.13; unaffected 5.4.289 - <= 5.4.\*; unaffected 5.10.233 - <= 5.10.\*; unaffected 5.15.176 - <= 5.15.\*; +4 more versions |