CVE-2024-36905Divide By Zero in Linux

CWE-369Divide By Zero40 documents6 sources
Severity
5.5MEDIUMNVD
OSV7.8OSV6.5
EPSS
0.0%
top 98.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedMay 30
Latest updateSep 18

Description

In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets TCP_SYN_RECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash [1], syzbot managed to trigger a divide by zero in tcp_rcv_space_adjust() A socket makes the following state transitions, without ever calling tcp_init_transfer(), meaning tcp_init_buffer_space() is also not called. TCP_CLOSE connect() TCP_

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages5 packages

NVDlinux/linux_kernel2.6.12.14.19.314+8
Debianlinux/linux_kernel< 5.10.218-1+3
Ubuntulinux/linux_kernel< 5.4.0-192.212+2
CVEListV5linux/linux1da177e4c3f41524e886b7f1b8a0c1fc7321cac234e41a031fd7523bf1cd00a2adca2370aebea270+8
debiandebian/linux< linux 6.1.94-1 (bookworm)

Also affects: Debian Linux 10.0

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

19
OSV
linux-xilinx-zynqmp vulnerabilities2024-09-18
OSV
linux-raspi-5.4 vulnerabilities2024-08-22
OSV
linux-hwe-5.15 vulnerabilities2024-08-21
OSV
linux-bluefield vulnerabilities2024-08-21
OSV
linux-azure-5.4 vulnerabilities2024-08-19

📋Vendor Advisories

19
Ubuntu
Linux kernel vulnerabilities2024-09-18
Ubuntu
Linux kernel (Raspberry Pi) vulnerabilities2024-08-22
Ubuntu
Linux kernel (HWE) vulnerabilities2024-08-21
Ubuntu
Linux kernel (BlueField) vulnerabilities2024-08-21
Ubuntu
Linux kernel (Azure) vulnerabilities2024-08-19

💬Community

1
Bugzilla
CVE-2024-36905 kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets2024-06-03