Security Advisory

CVE-2024-57938

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-21 12:09:15
Last updated 2026-05-11 21:01:00
Assigner Linux
State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: net/sctp: Prevent autoclose integer overflow in sctp_association_init() While by default max_autoclose equals to INT_MAX / HZ, one may set net.sctp.max_autoclose to UINT_MAX. There is code in sctp_association_init() that can consequently trigger overflow.