Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-40931HistoryJul 12, 2024 - 1:15 p.m.
CVE-2024-40931
2024-07-1213:15:15
Debian Security Bug Tracker
security-tracker.debian.org
4
linux kernel
vulnerability resolution
mptcp
initialization issue
In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_una is properly initialized on connect This is strictly related to commit fb7a0d334894 (“mptcp: ensure snd_nxt is properly initialized on connect”). It turns out that syzkaller can trigger the retransmit after fallback and before processing any other incoming packet - so that snd_una is still left uninitialized. Address the issue explicitly initializing snd_una together with snd_nxt and write_seq.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 6.1.99-1 | linux_6.1.99-1_all.deb |
| Debian | 11 | all | linux | < 5.10.221-1 | linux_5.10.221-1_all.deb |
| Debian | 999 | all | linux | < 6.9.7-1 | linux_6.9.7-1_all.deb |
| Debian | 13 | all | linux | < 6.9.7-1 | linux_6.9.7-1_all.deb |
Related
vulnrichment
vulnrichment
CVE-2024-40931 mptcp: ensure snd_una is properly initialized on connect
2024-07-12 12:25:09
redhatcve
redhatcve
CVE-2024-40931
2024-07-16 15:56:47
osv
osv
CVE-2024-40931
2024-07-12 13:15:00
linux - security update
2024-07-16 00:00:00
linux - security update
2024-07-15 00:00:00
cvelist
cvelist
CVE-2024-40931 mptcp: ensure snd_una is properly initialized on connect
2024-07-12 12:25:09
ubuntucve
ubuntucve
CVE-2024-40931
2024-07-12 00:00:00
nvd
nvd
CVE-2024-40931
2024-07-12 13:15:15
cve
cve
CVE-2024-40931
2024-07-12 13:15:15
openvas
openvas
Debian: Security Advisory (DSA-5731-1)
2024-07-17 00:00:00
Debian: Security Advisory (DSA-5730-1)
2024-07-16 00:00:00
Ubuntu: Security Advisory (USN-7004-1)
2024-09-13 00:00:00
nessus
nessus
Debian dsa-5731 : affs-modules-6.1.0-21-4kc-malta-di - security update
2024-07-16 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2802-1)
2024-08-08 00:00:00
Debian dsa-5730 : affs-modules-5.10.0-29-4kc-malta-di - security update
2024-07-16 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2024-09-12 00:00:00