CVE-2024-49977 is a vulnerability identified in the Linux kernel's network driver component, specifically within the stmmac (Synopsys Ethernet MAC) driver. The issue arises from a zero-division error triggered when the Traffic Control Credit-Based Shaper (tc-cbs) feature is disabled. The root cause is a code change (commit b8c43360f6e4) that allows the variable "port_transmit_rate_kbps" to be set to zero. This zero value is subsequently passed to the div_s64 function, which performs division operations without validating the divisor. When tc-cbs is disabled, certain parameters such as idleslope, sendslope, and credit values are not configured, making the division by zero possible. The vulnerability can cause kernel crashes or denial of service (DoS) conditions due to the unhandled zero-division error. The fix involves adding a return statement after setting the transmit queue mode to Data Center Bridging (DCB) when tc-cbs is disabled, preventing the division by zero from occurring. This vulnerability affects multiple Linux kernel versions identified by specific commit hashes and is relevant to systems using the stmmac driver for Ethernet networking. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet.

For European organizations, this vulnerability poses a risk primarily to systems running affected Linux kernel versions with the stmmac network driver, which is common in embedded systems, network appliances, and some server environments. Exploitation could lead to kernel panics or system crashes, resulting in denial of service. This could disrupt critical network infrastructure, especially in sectors relying on Linux-based networking equipment such as telecommunications, data centers, and industrial control systems. The impact on confidentiality and integrity is minimal since the vulnerability does not directly allow code execution or privilege escalation. However, availability could be significantly affected, potentially causing outages or degraded network performance. Organizations with high availability requirements or those operating critical infrastructure in Europe should be particularly cautious. The lack of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers may develop exploits once the vulnerability details are public.

European organizations should promptly update their Linux kernel to versions that include the patch for CVE-2024-49977. Specifically, they should ensure that the stmmac driver is updated to the fixed commit or later. For embedded or specialized devices where kernel updates are not straightforward, vendors should be contacted for firmware updates or mitigations. Network administrators should monitor systems for unexpected kernel crashes or network interface failures that could indicate exploitation attempts. Additionally, implementing robust network segmentation can limit the impact of potential DoS conditions. For environments where immediate patching is not feasible, disabling or avoiding the use of the tc-cbs feature on affected interfaces can serve as a temporary workaround. Regular backups and system redundancy will help maintain availability in case of service disruption. Finally, organizations should maintain vigilance for any emerging exploit reports or indicators of compromise related to this vulnerability.