CVE-2024-37356 – This CVE describes an integer overflow vulnerab... (How to Fix)

Q: What is the severity of CVE-2024-37356?

CVE-2024-37356 has a CVSS score of 5.5 (MEDIUM). This CVE describes an integer overflow vulnerability in the Linux kernel's DCTCP congestion control module. Attackers with local access can trigger a shift-out-of-bounds error by writing large values to the dctcp_shift_g module parameter, potentially causing kernel crashes or instability. This affects systems using the DCTCP congestion control algorithm.

📋 TL;DR

This CVE describes an integer overflow vulnerability in the Linux kernel's DCTCP congestion control module. Attackers with local access can trigger a shift-out-of-bounds error by writing large values to the dctcp_shift_g module parameter, potentially causing kernel crashes or instability. This affects systems using the DCTCP congestion control algorithm.

💻 Affected Systems

Products:

Linux kernel

Versions: Versions before the fix commits (specific versions vary by distribution; generally Linux kernel versions before the fix in 2024)

Operating Systems: Linux distributions using vulnerable kernel versions

Default Config Vulnerable: ✅ No

Notes: Only vulnerable if DCTCP congestion control is enabled and users have write access to /sys/module/tcp_dctcp/parameters/dctcp_shift_g

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, potentially disrupting network connectivity and system availability.

🟠

Likely Case

Local denial of service through kernel crash or instability, requiring system reboot to recover.

🟢

If Mitigated

No impact if proper access controls prevent unauthorized users from writing to module parameters.

🌐 Internet-Facing: LOW - Requires local access to exploit; not directly exploitable over network.

🏢 Internal Only: MEDIUM - Local users or compromised accounts could trigger denial of service on affected systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Syzkaller fuzzer discovered and demonstrated the exploit. Requires local access and ability to write to sysfs module parameters.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 02261d3f9dc7d1d7be7d778f839e3404ab99034c, 06d0fe049b51b0a92a70df8333fd85c4ba3eb2c6, 237340dee373b97833a491d2e99fcf1d4a9adafd, 3ebc46ca8675de6378e3f8f40768e180bb8afa66, 6aacaa80d962f4916ccf90e2080306cec6c90fcf

Vendor Advisory: https://git.kernel.org/stable/c/02261d3f9dc7d1d7be7d778f839e3404ab99034c

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution. 2. Reboot system to load new kernel. 3. Verify fix by checking kernel version and attempting to write invalid values to dctcp_shift_g parameter.

🔧 Temporary Workarounds

Restrict sysfs parameter access

linux

Limit write access to the vulnerable module parameter to prevent exploitation

chmod 644 /sys/module/tcp_dctcp/parameters/dctcp_shift_g
chown root:root /sys/module/tcp_dctcp/parameters/dctcp_shift_g

Disable DCTCP module

linux

Unload the tcp_dctcp module if not required

rmmod tcp_dctcp

🧯 If You Can't Patch

Implement strict access controls on /sys/module/tcp_dctcp/parameters/ directory
Monitor for unauthorized attempts to write to kernel module parameters

🔍 How to Verify

Check if Vulnerable:

Check if kernel version is vulnerable and DCTCP module is loaded: lsmod | grep tcp_dctcp

Check Version:

uname -r

Verify Fix Applied:

Attempt to write invalid value: echo 100 > /sys/module/tcp_dctcp/parameters/dctcp_shift_g 2>/dev/null && echo 'VULNERABLE' || echo 'PATCHED'

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs
UBSAN shift-out-of-bounds warnings in kernel logs
Failed write attempts to dctcp_shift_g parameter

Network Indicators:

Sudden TCP connection drops on systems using DCTCP

SIEM Query:

source="kernel" AND ("shift-out-of-bounds" OR "dctcp_update_alpha" OR "UBSAN")

📊 Metadata

CVE ID: CVE-2024-37356

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-190

Published: June 21, 2024

Last Updated: November 4, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-37356, you might also want to check these: