CVE-2024-24199 – CVE-2024-24199 is a memory misalignment vulnera... (How to Fix)

📋 TL;DR

CVE-2024-24199 is a memory misalignment vulnerability in smartdns that could allow attackers to cause denial of service or potentially execute arbitrary code. This affects systems running smartdns with the vulnerable code. The vulnerability stems from improper memory alignment in DNS packet processing.

💻 Affected Systems

Products:

smartdns

Versions: Versions before commit 54b4dc

Operating Systems: Linux, Windows, macOS

Default Config Vulnerable: ⚠️ Yes

Notes: All smartdns deployments using the vulnerable code are affected regardless of configuration

📦 What is this software?

Smartdns by Pymumu

View all CVEs affecting Smartdns →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise

🟠

Likely Case

Denial of service causing smartdns to crash

🟢

If Mitigated

Limited impact if proper network segmentation and access controls are in place

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires sending specially crafted DNS packets to the vulnerable service

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Commit 54b4dc or later

Vendor Advisory: https://github.com/pymumu/smartdns/issues/1628

Restart Required: Yes

Instructions:

1. Update smartdns to commit 54b4dc or later
2. Rebuild from source if using source installation
3. Restart the smartdns service

🔧 Temporary Workarounds

Network segmentation

linux

Restrict access to smartdns service to trusted networks only

iptables -A INPUT -p tcp --dport 53 -s trusted_network -j ACCEPT
iptables -A INPUT -p udp --dport 53 -s trusted_network -j ACCEPT
iptables -A INPUT -p tcp --dport 53 -j DROP
iptables -A INPUT -p udp --dport 53 -j DROP

🧯 If You Can't Patch

Implement strict network access controls to limit exposure
Monitor smartdns process health and restart automatically if crashes occur

🔍 How to Verify

Check if Vulnerable:

Check smartdns version or commit hash. If before commit 54b4dc, it's vulnerable.

Check Version:

smartdns -v

Verify Fix Applied:

Verify smartdns is running commit 54b4dc or later and test with normal DNS queries

📡 Detection & Monitoring

Log Indicators:

smartdns crash logs
segmentation fault errors in system logs
unexpected service restarts

Network Indicators:

Unusual DNS traffic patterns
Malformed DNS packets to port 53

SIEM Query:

source="smartdns.log" AND ("segmentation fault" OR "crash" OR "SIGSEGV")

📊 Metadata

CVE ID: CVE-2024-24199

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Published: June 6, 2024

Last Updated: March 13, 2025

🔗 References

https://github.com/pymumu/smartdns/issues/1628 Issue Tracking
https://github.com/pymumu/smartdns/issues/1628 Issue Tracking

📤 Share & Export

📄 Export Markdown 📋 Export JSON