Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-26708HistoryApr 03, 2024 - 3:15 p.m.
CVE-2024-26708
2024-04-0315:15:53
Debian Security Bug Tracker
security-tracker.debian.org
5
cve-2024-26708
linux kernel
mptcp
fastopen
tcp_fin_wait1
vulnerability
subflow
shutdown
In the Linux kernel, the following vulnerability has been resolved: mptcp: really cope with fastopen race Fastopen and PM-trigger subflow shutdown can race, as reported by syzkaller. In my first attempt to close such race, I missed the fact that the subflow status can change again before the subflow_state_change callback is invoked. Address the issue additionally copying with all the states directly reachable from TCP_FIN_WAIT1.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 6.1.94-1 | linux_6.1.94-1_all.deb |
| Debian | 11 | all | linux | < 5.10.218-1 | linux_5.10.218-1_all.deb |
| Debian | 999 | all | linux | < 6.7.7-1 | linux_6.7.7-1_all.deb |
| Debian | 13 | all | linux | < 6.7.7-1 | linux_6.7.7-1_all.deb |
Related
redhatcve
redhatcve
CVE-2024-26708
2024-04-04 00:06:09
nvd
nvd
CVE-2024-26708
2024-04-03 15:15:53
cvelist
cvelist
CVE-2024-26708 mptcp: really cope with fastopen race
2024-04-03 14:55:11
vulnrichment
vulnrichment
CVE-2024-26708 mptcp: really cope with fastopen race
2024-04-03 14:55:11
cve
cve
CVE-2024-26708
2024-04-03 15:15:53
ubuntucve
ubuntucve
CVE-2024-26708
2024-04-03 00:00:00