cve/2024/CVE-2024-49944.md

### [CVE-2024-49944](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49944)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.6.30%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5e8f3f703ae4e4af65e2695e486b3cd198328863%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_startIn sctp_listen_start() invoked by sctp_inet_listen(), it should set thesk_state back to CLOSED if sctp_autobind() fails due to whatever reason.Otherwise, next time when calling sctp_inet_listen(), if sctp_sk(sk)->reuseis already set via setsockopt(SCTP_REUSE_PORT), sctp_sk(sk)->bind_hash willbe dereferenced as sk_state is LISTENING, which causes a crash as bind_hashis NULL.  KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]  RIP: 0010:sctp_inet_listen+0x7f0/0xa20 net/sctp/socket.c:8617  Call Trace:   <TASK>   __sys_listen_socket net/socket.c:1883 [inline]   __sys_listen+0x1b7/0x230 net/socket.c:1894   __do_sys_listen net/socket.c:1902 [inline]

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/w4zu/Debian_security
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`### [CVE-2024-49944](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49944)`
			`![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=2.6.30%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=5e8f3f703ae4e4af65e2695e486b3cd198328863%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)`

			`### Description`

			In the Linux kernel, the following vulnerability has been resolved:sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_startIn sctp_listen_start() invoked by sctp_inet_listen(), it should set thesk_state back to CLOSED if sctp_autobind() fails due to whatever reason.Otherwise, next time when calling sctp_inet_listen(), if sctp_sk(sk)->reuseis already set via setsockopt(SCTP_REUSE_PORT), sctp_sk(sk)->bind_hash willbe dereferenced as sk_state is LISTENING, which causes a crash as bind_hashis NULL. KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] RIP: 0010:sctp_inet_listen+0x7f0/0xa20 net/sctp/socket.c:8617 Call Trace: <TASK> __sys_listen_socket net/socket.c:1883 [inline] __sys_listen+0x1b7/0x230 net/socket.c:1894 __do_sys_listen net/socket.c:1902 [inline]

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/w4zu/Debian_security`