CVE-2024-50299: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-50299 affects the Linux kernel's SCTP (Stream Control Transmission Protocol) implementation. The vulnerability was discovered in the sctp_sf_ootb() function where improper chunk size validation could lead to a crash. This issue affects Linux kernel versions from 2.6.12 up to versions before 4.19.324, 5.4.286, 5.10.230, 5.15.172, and other versions in between (NVD).

The vulnerability stems from insufficient size validation in the sctp_sf_ootb() function within net/sctp/sm_statefuns.c. Similar to a previous fix in commit 50619dbf8db7 for chunk size validation, this vulnerability required proper validation when walking chunks. The issue manifests as a KMSAN (Kernel Memory Sanitizer) reported uninit-value bug in the sctp_sf_ootb function. The CVSS v3.1 base score is 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to a system crash when processing SCTP packets, affecting system availability. The issue is classified as CWE-908 (Use of Uninitialized Resource) and primarily impacts system stability (NVD).

The issue has been fixed through a patch that properly validates chunk size in sctp_sf_ootb(). The fix involves modifying the condition in the while loop to ensure proper size validation: 'while (ch_end + sizeof(*ch) < skb_tail_pointer(skb))'. Multiple Linux distributions have released updates to address this vulnerability, including Ubuntu and Debian (Kernel Patch).