CVE-2024-57938

5.5 MEDIUM

📋 TL;DR

CVE-2024-57938 is an integer overflow in the Linux kernel's SCTP implementation. By default net.sctp.max_autoclose is INT_MAX / HZ, but an administrator may raise it to UINT_MAX; with that value the autoclose timeout computed in sctp_association_init() when an SCTP association is set up overflows. The impact is denial of service (kernel panic) on Linux hosts with SCTP enabled. Writing the sysctl requires administrative privileges, so an unprivileged remote peer cannot trigger it on its own.
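To make the overflow concrete, here is an added userland model of the arithmetic described above (example code written for this page, not the kernel's own sctp_association_init()). It assumes HZ = 1000, which is a build-time kernel value, and uses uint64_t where the kernel uses an unsigned long jiffies field. The narrow variant computes min(autoclose, max_autoclose) * HZ in 32-bit unsigned arithmetic and wraps once max_autoclose exceeds what the default ceiling INT_MAX / HZ was chosen to guarantee; the wide variant widens before multiplying. The `max_autoclose_is_safe` helper is a hypothetical check you could run on the value read from /proc/sys/net/sctp/max_autoclose.

```c
/*
 * Added example: userland model of the CVE-2024-57938 autoclose arithmetic.
 * Not kernel code. HZ is assumed to be 1000; the real value is a kernel
 * build option. The kernel stores the timeout in unsigned long jiffies;
 * uint64_t is used here so the demonstration behaves the same on 32-bit hosts.
 */
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

#define HZ 1000u  /* assumed tick rate */

/* Default sysctl ceiling: INT_MAX / HZ seconds, chosen so sec * HZ never exceeds INT_MAX. */
static unsigned int default_max_autoclose(void)
{
    return INT_MAX / HZ;
}

/* Vulnerable shape: min() and the multiply both performed in 32-bit unsigned int. */
static uint64_t autoclose_jiffies_narrow(unsigned int sock_autoclose, unsigned int max_autoclose)
{
    unsigned int sec = sock_autoclose < max_autoclose ? sock_autoclose : max_autoclose;
    unsigned int jiffies = sec * HZ;   /* wraps modulo 2^32 once sec > UINT_MAX / HZ */
    return jiffies;
}

/* Fixed shape: widen to 64 bits before multiplying. */
static uint64_t autoclose_jiffies_wide(unsigned int sock_autoclose, unsigned int max_autoclose)
{
    unsigned int sec = sock_autoclose < max_autoclose ? sock_autoclose : max_autoclose;
    return (uint64_t)sec * HZ;
}

/* Hypothetical defensive check for a value read from /proc/sys/net/sctp/max_autoclose:
 * anything above INT_MAX / HZ leaves the range the default ceiling was designed to keep. */
static int max_autoclose_is_safe(unsigned int value)
{
    return value <= default_max_autoclose();
}

/* Returns 1 when the narrow computation diverges from the wide one, i.e. the overflow fired. */
static int overflow_observed(unsigned int sock_autoclose, unsigned int max_autoclose)
{
    return autoclose_jiffies_narrow(sock_autoclose, max_autoclose)
        != autoclose_jiffies_wide(sock_autoclose, max_autoclose);
}

int main(void)
{
    unsigned int dflt = default_max_autoclose();

    /* With the default ceiling the product fits and both variants agree. */
    printf("default max_autoclose = %u s -> %llu jiffies, overflow: %d\n",
           dflt,
           (unsigned long long)autoclose_jiffies_narrow(UINT_MAX, dflt),
           overflow_observed(UINT_MAX, dflt));

    /* With max_autoclose = UINT_MAX the narrow computation wraps to 2^32 - HZ. */
    printf("max_autoclose = UINT_MAX -> narrow %llu vs wide %llu jiffies, overflow: %d\n",
           (unsigned long long)autoclose_jiffies_narrow(UINT_MAX, UINT_MAX),
           (unsigned long long)autoclose_jiffies_wide(UINT_MAX, UINT_MAX),
           overflow_observed(UINT_MAX, UINT_MAX));
    return 0;
}
```

With the default ceiling of 2147483 seconds (for HZ = 1000) both variants return 2147483000 jiffies; with max_autoclose = UINT_MAX the narrow variant returns 4294966296 (UINT_MAX * 1000 modulo 2^32) while the widened one returns 4294967295000. The wrapped value is a much shorter timeout than the administrator asked for, which is the kind of silent miscomputation an unsigned overflow produces before any crash is observed.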

💻 Affected Systems

Products:
  • Linux Kernel
Versions: The CVE lists fixed commits rather than an affected version range; treat any kernel with SCTP support that predates your distribution's fix for CVE-2024-57938 as affected.
Operating Systems: Linux distributions with vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Requires SCTP support to be present (module loaded or built in) and the ability to set net.sctp.max_autoclose to UINT_MAX, which needs root or CAP_NET_ADMIN in the owning network namespace. The default value of INT_MAX / HZ is not affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →


⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to a system crash and denial of service of every service on the host, not only SCTP consumers (the page rates this as the worst case; the CVE text itself describes only the overflow).

🟠

Likely Case

Local denial of service: an administrator, or an attacker who already holds root or CAP_NET_ADMIN in the network namespace, raises net.sctp.max_autoclose to UINT_MAX and the next SCTP association triggers the overflow; recovery requires a reboot.

🟢

If Mitigated

Minimal impact if SCTP is disabled, or if nobody outside the trusted administrator set can obtain the privileges needed to write the sysctl and the value is left at its default.

🌐 Internet-Facing: LOW - Requires the ability to write a kernel sysctl on the host; not triggerable by a remote SCTP peer against an unmodified configuration.
🏢 Internal Only: MEDIUM - A local user or compromised account that can reach root or CAP_NET_ADMIN in a network namespace could trigger a denial of service on affected systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access plus the privilege to write net.sctp.max_autoclose; once the sysctl is set, nothing more than opening an SCTP association is needed, which is why complexity is rated LOW. No public exploit code has been identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in the mainline and stable kernels that carry the referenced commits (the CVE lists several stable commit hashes); use the distribution kernel update whose changelog references CVE-2024-57938.

Vendor Advisory: https://git.kernel.org/stable/c/081bdb3a31674339313c6d702af922bc29de2c53

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a patched version from your distribution's official repositories.
2. Reboot the system so the new kernel is loaded (a running kernel cannot be patched in place without live-patching support).
3. Verify the running kernel version after the reboot.

🔧 Temporary Workarounds

Disable SCTP protocol

linux

Prevent the sctp module from being loaded and unload it if it is currently loaded. This only helps where nothing on the host needs SCTP, and it has no effect when SCTP is compiled into the kernel (check for CONFIG_IP_SCTP=y in the kernel config your distribution installs, typically /boot/config-$(uname -r)). rmmod will refuse to unload the module while SCTP sockets are open.

echo 'install sctp /bin/true' >> /etc/modprobe.d/disable-sctp.conf
rmmod sctp

Restrict kernel parameter modification

linux

net.sctp.max_autoclose is writable only by root or by a process holding CAP_NET_ADMIN in the network namespace that owns it, so changing file modes under /proc/sys adds nothing (root bypasses DAC permissions, and procfs modes do not persist across reboots). The effective control is keeping root and CAP_NET_ADMIN restricted to trusted administrators and leaving the value at its default of INT_MAX / HZ. Because net.sctp sysctls are per network namespace, where unprivileged user namespaces are enabled a local user who creates a user and network namespace may also hold CAP_NET_ADMIN over that namespace's copy of the sysctl; restricting unprivileged user namespace creation (for example user.max_user_namespaces=0, or the distribution-specific kernel.unprivileged_userns_clone where it exists) closes that path. Confirm the live value has not been raised:

sysctl net.sctp.max_autoclose

🧯 If You Can't Patch

  • Keep root and CAP_NET_ADMIN limited to trusted administrators so that nobody else can write net.sctp.max_autoclose; consider restricting unprivileged user namespace creation on multi-user hosts
  • Monitor the live value of net.sctp.max_autoclose and changes to sysctl configuration files, and alert when the value departs from its default of INT_MAX / HZ

🔍 How to Verify

Check if Vulnerable:

Check whether SCTP is present: lsmod | grep sctp shows the module if loaded; if it is built in (CONFIG_IP_SCTP=y) lsmod will not list it, so also check the kernel config. Then compare the running kernel against the patched releases for your distribution.

Check Version:

uname -r

Compare the output with your distribution's advisory for CVE-2024-57938; on RPM-based systems rpm -q --changelog kernel | grep CVE-2024-57938 and on Debian-based systems apt changelog for the installed kernel package will show whether the fix is included.

Verify Fix Applied:

After the update and reboot, confirm with uname -r that the patched kernel is the one running, and confirm that either SCTP is disabled or the running kernel carries the fix. Also confirm that sysctl net.sctp.max_autoclose still reports its default value.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic or Oops messages mentioning sctp in dmesg, the journal, or /var/log/messages
  • Unexpected system reboots on hosts that carry SCTP traffic
  • Writes to net.sctp.max_autoclose: invocations of sysctl or writes to /proc/sys/net/sctp/, and changes to /etc/sysctl.conf or /etc/sysctl.d (an auditd watch with -w on those files records configuration changes; the live value must be checked separately)

Network Indicators:

  • SCTP protocol traffic if normally unused
  • Unexpected SCTP connection attempts

SIEM Query:

Splunk-style search; adapt field names to your log schema:

source="kernel" AND ("panic" OR "Oops") AND "sctp"
