Executive Risk Summary
"A reachable assertion in the decode_linked_ti_ie function of Magma allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet. This vulnerability affects Magma versions <= 1.8.0 and is fixed in version 1.9."
Anticipated Attack Path
- 1. Step 1: Attacker crafts a malicious NAS packet
- 2. Step 2: Attacker sends the crafted packet to the Magma system
- 3. Step 3: Magma system processes the packet, leading to a Denial of Service (DoS)
Am I Vulnerable?
- Verify Magma version and update to version 1.9 or later
- Monitor network traffic for suspicious NAS packets
- Implement packet filtering or intrusion detection systems to detect and prevent malicious packets
Operational Audit Arsenal
Target Type process
Target Asset magma
Standard Path /usr/bin/magma
Manual Verification Required
This is a non-Windows asset (Magma). Use the target asset details and official path provided above to verify your current version against the official vendor advisories listed below.
Patch Impact Forecast
Reboot Required Likely
Network services may be disrupted during the update process
Internal Work Notes
Magma system vulnerability (CVE-2024-24420) - update to version 1.9 or later to prevent Denial of Service (DoS) attacks
Technical Intelligence & Operational Utilities • Delivered Weekly
Intelligence Sources
Related Magma Threats
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.