CVE-2024-57938 – Linux SCTP Integer Overflow Vulnerability

CVE ID : CVE-2024-57938

Published : Jan. 21, 2025, 12:15 p.m. | 1 hour ago

Description : In the Linux kernel, the following vulnerability has been resolved:

net/sctp: Prevent autoclose integer overflow in sctp_association_init()

While by default max_autoclose equals to INT_MAX / HZ, one may set
net.sctp.max_autoclose to UINT_MAX. There is code in
sctp_association_init() that can consequently trigger overflow.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-57938 – Linux SCTP Integer Overflow Vulnerability