PT-2024-33786 · Linux+7 · Linux Kernel+7
Published 2024-09-30 · Updated 2025-05-28
CVE-2024-49944
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 6.6.58
Description:
The issue arises in the Linux kernel when sctp_autobind() fails in sctp_listen_start(), causing the sk_state to not be set back to CLOSED. This leads to a crash when sctp_inet_listen() is called again if sctp_sk(sk)->reuse is already set via setsockopt(SCTP_REUSE_PORT), as sctp_sk(sk)->bind_hash is dereferenced while sk_state is LISTENING, and bind_hash is NULL. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.
Recommendations:
For Linux kernel versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue. As a temporary workaround, consider disabling the sctp_inet_listen() function until a patch is available. Restrict access to the sctp_listen_start() function to minimize the risk of exploitation. Avoid using the setsockopt(SCTP_REUSE_PORT) option in the affected API endpoint until the issue is resolved.
Exploit
Fix
NULL Pointer Dereference
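The state handling from the Description can be followed in a small userspace model that compares the error path with and without sk_state being set back to CLOSED. This is an added example, not kernel source and not code from this advisory; the model_* names and the simplified control flow are assumptions made for illustration.

```c
/* Added illustration: userspace model of the state handling, not kernel code. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

enum model_state { MODEL_CLOSED, MODEL_LISTENING };
struct model_bucket { int fastreuse; };
struct model_sock {
    enum model_state sk_state;
    bool reuse;                     /* as set by setsockopt(SCTP_REUSE_PORT) */
    struct model_bucket *bind_hash; /* stays NULL until a port is bound */
};

/* Models sctp_listen_start(). With fixed == false the error path leaves
 * sk_state at LISTENING, which is the behaviour the description reports. */
static int model_listen_start(struct model_sock *sk, bool autobind_fails,
                              struct model_bucket *bucket, bool fixed)
{
    sk->sk_state = MODEL_LISTENING;
    if (autobind_fails) {
        if (fixed)
            sk->sk_state = MODEL_CLOSED; /* state set back to CLOSED */
        return -1;
    }
    sk->bind_hash = bucket;
    return 0;
}

/* Models the next sctp_inet_listen() call: reports whether it would reach
 * the bind_hash dereference with a NULL pointer, without performing it. */
static bool model_relisten_hits_null(const struct model_sock *sk)
{
    if (sk->sk_state != MODEL_LISTENING)
        return false; /* CLOSED sockets do not take the LISTENING path */
    return sk->reuse && sk->bind_hash == NULL;
}

/* Runs one listen attempt on a fresh socket with reuse set (constructed input). */
static bool scenario(bool fixed, bool autobind_fails)
{
    struct model_bucket bucket = { 0 };
    struct model_sock sk = { MODEL_CLOSED, true, NULL };
    model_listen_start(&sk, autobind_fails, &bucket, fixed);
    return model_relisten_hits_null(&sk);
}

int main(void)
{
    printf("unfixed, autobind fails: %d\n", scenario(false, true));
    printf("fixed,   autobind fails: %d\n", scenario(true, true));
    return 0;
}
```

The invariant the model makes visible is that a socket in LISTENING state must always have a non-NULL bind_hash; the unfixed error path is the only case here that breaks it.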
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu