CVE-2024-24419

HighPublic PoC

Published: 21 January 2025

Published

21 January 2025

Modified

18 March 2025

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score 0.0017 37.5th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-24419 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Linuxfoundation Magma. Its CVSS base score is 7.5 (High).

Operationally, ranked at the 37.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly mitigates the buffer overflow by requiring timely remediation through patching to Magma v1.9 or the fixing commit.

SI-10 Information Input Validation good match

prevent

Requires validation of incoming NAS packets to prevent crafted inputs from triggering the buffer overflow in the decode_traffic_flow_template_packet_filter function.

SI-16 Memory Protection good match

prevent

Implements memory protection mechanisms such as address space layout randomization and stack canaries to mitigate exploitation of the buffer overflow vulnerability.

NVD Description

The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_traffic_flow_template_packet_filter function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Deeper analysisAI

CVE-2024-24419 is a buffer overflow vulnerability (CWE-120) in the Linux Foundation's Magma project, affecting versions up to and including 1.8.0. The flaw resides in the decode_traffic_flow_template_packet_filter function within the file /3gpp/3gpp_24.008_sm_ies.c. It enables attackers to trigger a Denial of Service (DoS) through a crafted NAS (Non-Access Stratum) packet and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). The issue was addressed in Magma v1.9 via commit 08472ba98b8321f802e95f5622fa90fec2dea486.

The vulnerability is exploitable remotely over the network with low attack complexity, requiring no authentication, privileges, or user interaction. An unauthenticated attacker can send a specially crafted NAS packet to the affected Magma instance, causing the buffer overflow and resulting in a DoS that severely impacts service availability without affecting confidentiality or integrity.

According to available advisories, mitigation requires updating to Magma v1.9 or applying the specified fixing commit. Further details on the vulnerability and remediation are provided at https://cellularsecurity.org/ransacked.

Details

CWE(s): CWE-120

Affected Products

linuxfoundation

magma

≤ 1.8.0

CVEs Like This One

CVE-2024-24416Same product: Linuxfoundation Magma

CVE-2024-24418Same product: Linuxfoundation Magma

CVE-2024-24417Same product: Linuxfoundation Magma

CVE-2024-24422Same product: Linuxfoundation Magma

CVE-2024-24421Same product: Linuxfoundation Magma

CVE-2024-24420Same product: Linuxfoundation Magma

CVE-2024-24423Same product: Linuxfoundation Magma

CVE-2023-37029Same product: Linuxfoundation Magma

CVE-2023-37024Same product: Linuxfoundation Magma

CVE-2023-37032Same product: Linuxfoundation Magma

References

https://cellularsecurity.org/ransacked
Exploit, Third Party Advisory · cve@mitre.org