A new vulnerability, CVE-2024-50299, has been discovered in the Linux kernel, specifically in the Stream Control Transmission Protocol (SCTP) subsystem. This vulnerability can lead to crashes and potentially other security issues if exploited by an attacker. In this post, we will provide an overview of the vulnerability, including a code snippet, links to original references, and exploit details.
Vulnerability Details
The vulnerability, CVE-2024-50299, resides in the sctp_sf_ootb() function of the Linux kernel SCTP implementation. This function is responsible for handling "out of the blue" (OOTB) packets. The vulnerability exists due to improper size validation when processing SCTP chunks in these OOTB packets.
A fix has been introduced to resolve this vulnerability by adding size validation logic similar to that found in Commit 50619dbf8db7 ("sctp: add size validation when walking chunks").
The crash was initially reported by the syzbot tool, which detected uninitialized memory usage in the sctp_sf_ootb function.
Here is a code snippet from the patch that resolves the vulnerability:

    /* Reject a chunk whose length is smaller than the chunk header. */
    if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_chunkhdr))) {
        *error = -SCTP_IERROR_BAD_SID;
        return;
    }
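The following is an added example, not code from the kernel patch or from this post: a userspace C walker that applies the kind of size validation described above to a buffer of SCTP chunks, refusing to read a length field or step to the next chunk unless the bytes are inside the buffer. The names walk_chunks, pad4 and the WALK_* result codes are assumptions made for illustration, and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>

#define CHUNK_HDR_LEN 4u /* type (1), flags (1), big-endian length (2) */

enum walk_result { WALK_OK = 0, WALK_TRUNCATED_HDR = -1,
                   WALK_LEN_TOO_SMALL = -2, WALK_LEN_OVERRUN = -3 };

/* Chunks are padded to a 4-byte boundary on the wire. */
static size_t pad4(size_t n) { return (n + 3u) & ~(size_t)3u; }

/* Hypothetical helper (not kernel code): count the chunks in buf[0..len),
 * checking that every byte is inside the buffer before it is read. */
int walk_chunks(const uint8_t *buf, size_t len, size_t *count)
{
    size_t off = 0;

    *count = 0;
    while (off < len) {
        size_t clen;

        /* A whole header must be present before its length is read. */
        if (len - off < CHUNK_HDR_LEN)
            return WALK_TRUNCATED_HDR;
        clen = ((size_t)buf[off + 2] << 8) | buf[off + 3];

        /* The length includes the header, so less than 4 is malformed. */
        if (clen < CHUNK_HDR_LEN)
            return WALK_LEN_TOO_SMALL;

        /* The padded chunk must end inside the buffer. */
        if (pad4(clen) > len - off)
            return WALK_LEN_OVERRUN;

        off += pad4(clen);
        (*count)++;
    }
    return WALK_OK;
}

int main(void)
{
    /* Constructed input: one valid 4-byte chunk, then a 2-byte fragment. */
    const uint8_t pkt[] = { 0x06, 0x00, 0x00, 0x04, 0x06, 0x00 };
    size_t n;

    return walk_chunks(pkt, sizeof pkt, &n) == WALK_TRUNCATED_HDR ? 0 : 1;
}
```

The trailing two-byte fragment is rejected before its length field is read, which is the read that would otherwise touch bytes past the end of the received data.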
Exploit Details
An attacker could potentially exploit this vulnerability by sending specially crafted SCTP packets to a target system, causing the target system to crash or trigger other unintended behaviors.
It is important to note that actual exploits have not been observed in the wild. However, as a precaution, it is recommended that users apply the necessary patch to protect against this vulnerability.
Original References and Patch Information
Below, you can find links to the original references and the patch information related to CVE-2024-50299:
1. Linux kernel mailing list discussion
2. Patch resolving the vulnerability
3. Commit 50619dbf8db7 ("sctp: add size validation when walking chunks")
Conclusion
In summary, CVE-2024-50299 is a vulnerability in the Linux kernel's SCTP subsystem that can potentially be exploited to cause crashes and other unintended behaviors. It is recommended that users apply the necessary patch to ensure their systems are protected against this vulnerability. More information can be found in the original references linked above.
Timeline
Published on: 11/19/2024 02:16:32 UTC
Last modified on: 12/19/2024 09:37:42 UTC