Wind River Support Network

HomeDefectsLIN1023-3390
Fixed

LIN1023-3390 : Security Advisory - linux - CVE-2024-0639

Created: Jan 17, 2024    Updated: Jan 19, 2024
Resolved Date: Jan 19, 2024
Found In Version: 10.23.30.1
Fix Version: 10.23.30.2
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel

Description

A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.

CREATE(Triage):(User=admin) CVE-2024-0639 (https://nvd.nist.gov/vuln/detail/CVE-2024-0639)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube