CVE-2024-49977 in Linuxinfo

Summary

by MITRE • 10/21/2024

In the Linux kernel, the following vulnerability has been resolved:

net: stmmac: Fix zero-division error when disabling tc cbs

The commit b8c43360f6e4 ("net: stmmac: No need to calculate speed divider when offload is disabled") allows the "port_transmit_rate_kbps" to be set to a value of 0, which is then passed to the "div_s64" function when tc-cbs is disabled. This leads to a zero-division error.

When tc-cbs is disabled, the idleslope, sendslope, and credit values the credit values are not required to be configured. Therefore, adding a return statement after setting the txQ mode to DCB when tc-cbs is disabled would prevent a zero-division error.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Analysis

by VulDB Data Team • 03/21/2026

The vulnerability described in CVE-2024-49977 represents a critical zero-division error within the Linux kernel's stmmac network driver implementation. This flaw occurs specifically when the traffic control credit-based shaper (tc-cbs) functionality is disabled, creating a scenario where the system attempts to perform division operations with zero as the divisor. The issue stems from the commit b8c43360f6e4 which introduced changes to how the port transmit rate is handled when offload functionality is disabled, allowing the "port_transmit_rate_kbps" parameter to be set to zero. This parameter is subsequently passed to the "div_s64" function, which performs 64-bit signed integer division operations. When tc-cbs is disabled, the system should not require calculation of credit values including idleslope, sendslope, and credit parameters, yet the code path continues to execute division operations with zero values, leading to a kernel panic or system crash.

The technical implementation flaw manifests in the network driver's handling of traffic control configurations where the stmmac driver fails to properly validate input parameters before performing mathematical operations. When tc-cbs is disabled, the driver should recognize that certain configuration parameters become irrelevant and avoid proceeding with calculations that would result in mathematical errors. The specific code path involves setting the transmit queue mode to DCB (Data Center Bridging) while simultaneously allowing the transmit rate to be set to zero, which then propagates through to the division function. This represents a classic case of insufficient input validation and improper state management within the kernel networking subsystem. The vulnerability demonstrates a lack of proper error handling in the driver's configuration processing logic, where the system does not adequately check for zero values before attempting division operations, creating an exploitable condition that can cause system instability.

The operational impact of this vulnerability extends beyond simple system crashes to potentially compromise network availability and system reliability in production environments. When the zero-division error occurs, it results in immediate kernel panic conditions that require system reboot to recover, effectively causing denial of service for network services dependent on the affected stmmac driver. This vulnerability affects systems utilizing stmmac network controllers, particularly those implementing traffic control mechanisms and requiring network performance optimization features. The flaw is particularly concerning in data center and enterprise environments where network reliability is critical, as unexpected system crashes can lead to significant downtime and service disruption. Additionally, the vulnerability may be exploited by malicious actors to perform denial of service attacks against network infrastructure, making it a serious security concern that requires immediate attention.

Mitigation strategies for CVE-2024-49977 should prioritize applying the kernel patch that implements the proper return statement after setting the txQ mode to DCB when tc-cbs is disabled, preventing the execution path that leads to zero-division operations. System administrators should ensure that all affected Linux kernel versions are updated with the patched code that addresses the root cause by returning early from the configuration function when tc-cbs is not active. The fix aligns with the principle of defensive programming and proper error handling as outlined in the CWE-369 vulnerability category, which specifically addresses "Division by Zero" conditions in software implementations. Organizations should also implement monitoring solutions to detect potential exploitation attempts and maintain robust backup and recovery procedures for systems running affected kernel versions. The mitigation approach should include comprehensive testing of the patched kernel in staging environments before production deployment to ensure that network functionality remains intact while the zero-division vulnerability is eliminated. This vulnerability highlights the importance of proper state management and input validation in kernel-level network drivers, particularly when dealing with complex traffic control configurations that involve mathematical operations and resource allocation decisions.

Responsible

Linux

Reservation

10/21/2024

Disclosure

10/21/2024

Moderation

accepted

CPE

ready

EPSS

0.00247

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!