Lucene search
GoogleOSV:CVE-2021-47593HistoryJun 19, 2024 - 3:15 p.m.
CVE-2021-47593
2024-06-1915:15:53
Google
osv.dev
1
linux kernel
mptcp
vulnerability
sk_sock_kern
misconfiguration
kernel crash
AI Score
8.9
Confidence
High
In the Linux kernel, the following vulnerability has been resolved:
mptcp: clear ‘kern’ flag from fallback sockets
The mptcp ULP extension relies on sk->sk_sock_kern being set correctly:
It prevents setsockopt(fd, IPPROTO_TCP, TCP_ULP, “mptcp”, 6); from
working for plain tcp sockets (any userspace-exposed socket).
But in case of fallback, accept() can return a plain tcp sk.
In such case, sk is still tagged as ‘kernel’ and setsockopt will work.
This will crash the kernel, The subflow extension has a NULL ctx->conn
mptcp socket:
BUG: KASAN: null-ptr-deref in subflow_data_ready+0x181/0x2b0
Call Trace:
tcp_data_ready+0xf8/0x370
[…]
Related
ubuntucve
ubuntucve
CVE-2021-47593
2024-06-19 00:00:00
debiancve
debiancve
CVE-2021-47593
2024-06-19 15:15:53
nvd
nvd
CVE-2021-47593
2024-06-19 15:15:53
cvelist
cvelist
CVE-2021-47593 mptcp: clear 'kern' flag from fallback sockets
2024-06-19 14:53:56
vulnrichment
vulnrichment
CVE-2021-47593 mptcp: clear 'kern' flag from fallback sockets
2024-06-19 14:53:56
cve
cve
CVE-2021-47593
2024-06-19 15:15:53
redhatcve
redhatcve
CVE-2021-47593
2024-06-20 10:53:30
osv
osv
UBUNTU-CVE-2021-47593
2024-06-19 15:15:00
Security update for the Linux Kernel
2024-08-16 13:46:19
Security update for the Linux Kernel
2024-08-13 14:07:49
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2894-1)
2024-08-14 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2947-1)
2024-08-17 00:00:00
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:2947-1)
2024-08-20 00:00:00