PRIOn knowledge basePRION:CVE-2024-0639

HistoryJan 17, 2024 - 4:15 p.m.

Denial of service

2024-01-1716:15:00

PRIOn knowledge base

www.prio-n.com

denial of service

linux kernel

sctp subsystem

deadlock

vulnerability

local user privileges

system crash

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.

CPENameOperatorVersion
linux_kernelle6.4.16
enterprise_linuxeq8.0
enterprise_linuxeq9.0

Name	Operator	Version
linux_kernel	le	6.4.16
enterprise_linux	eq	8.0
enterprise_linux	eq	9.0

References

access.redhat.com/security/cve/CVE-2024-0639

bugzilla.redhat.com/show_bug.cgi?id=2258754

github.com/torvalds/linux/commit/6feb37b3b06e9049e20dcf7e23998f92c9c5be9a