Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
Vulnerability DatabaseCVE-2024-36889
CVE-2024-36889:
Linux Kernel vulnerability analysis and mitigation
Overview
CVE-2024-36889 affects the Linux kernel's MPTCP (Multipath TCP) implementation. The vulnerability was discovered when a corrupted snd_una value was detected during TCP fallback operations. The issue was reported by Christoph Paasch and was fixed in April 2024 (Kernel Git).
Technical details
The vulnerability occurs when fallback to TCP happens early on a client socket, where sndnxt is not yet initialized and any incoming acknowledgment will copy such value into snduna. If the mptcp worker attempts mptcp-level re-injection after such acknowledgment, it unconditionally triggers a send buffer cleanup using invalid snd_una values (Kernel Git).
Impact
The vulnerability could lead to system instability and potential denial of service conditions when using MPTCP connections that fall back to regular TCP operations (NVD).
Mitigation and workarounds
The fix involves initializing sndnxt and writeseq at connect time. The patch has been integrated into various Linux kernel versions and is available through distribution updates (Red Hat).
Additional resources
Source: This report was generated using AI
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Get a personalized demo
Ready to see Wiz in action?
“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management