32 matches found

Microsoft CVE
added 3 days ago, 5 views

mptcp: allow subflow rcv wnd to shrink

...

CVSS 7.5 | AI score 5.8 | EPSS 0.00506
Exploits: 0
RedhatCVE
added 4 days ago, 8 views

CVE-2026-53183

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. This vulnerability occurs because the TCP stack independently manages the TCP-level receive window, which can lead to an artificial inflation of the MPTCP receive window. A remote attacker could exploit this by sending...

CVSS 7.5 | AI score 6 | EPSS 0.00506
Exploits: 0 | References: 4
NVD
added 5 days ago, 4 views

CVE-2026-53183

In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and its right edge should not move backward. Such constraint is enforced at DSS option generation...

CVSS 7.5 | EPSS 0.00506
Exploits: 0 | References: 6
OSV
added 5 days ago, 2 views

UBUNTU-CVE-2026-53183

In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and its right edge should not move backward. Such constraint is enforced at DSS option generation...

CVSS 8.7 | AI score 5.7 | EPSS 0.00506
Exploits: 0 | References: 9
Debian CVE
added 5 days ago, 4 views

CVE-2026-53183

In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and its right edge should not move backward. Such constraint is enforced at DSS option generation...

CVSS 7.5 | AI score 5.7 | EPSS 0.00506
Exploits: 0
Cvelist
added 5 days ago, 25 views

CVE-2026-53183 mptcp: allow subflow rcv wnd to shrink

In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and its right edge should not move backward. Such constraint is enforced at DSS option generation...

CVSS 7.5 | EPSS 0.00506
Exploits: 0 | References: 6
EUVD
added 5 days ago, 3 views

EUVD-2026-39274

In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and its right edge should not move backward. Such constraint is enforced at DSS option generation...

AI score 5.7 | EPSS 0.00506
Exploits: 0 | References: 6
CVE
added 5 days ago, 10 views

CVE-2026-53183

CVE-2026-53183 affects the Linux kernel MPTCP implementation. The issue allows the TCP subflow receive window to shrink independently of the netns, which can inflate the MPTCP receive window and cause incoming data to exceed the receiver’s rcvbuf, potentially leading to DoS or a system becoming u...

CVSS 7.5 | AI score 5.7 | EPSS 0.00506
Exploits: 0 | References: 6
AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Networks: TLS – Avoid hanging tasks when using txlock. The syzbot reported a situation where tasks were hung. Eric explains that the adversarial receiver may keep RWIN at 0 for a long time, so we cannot guarantee progress. Thread...

AI score 5.9 | EPSS 0.0018
Exploits: 0 | References: 1
Tenable Nessus
added 2025/12/16 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2025-68291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: Initialise rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported divide-by-zero in tcpselectwindow by MPTCP socket. 0 We had a...

AI score 5.8 | EPSS 0.00175
Exploits: 0 | References: 3
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-31585

Malicious code in bioql PyPI...

AI score 6.6 | EPSS 0.00312
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-39495

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.5 | EPSS 0.00616
Exploits: 0 | References: 1
RedhatCVE
added 2025/09/30 12:45 a.m., 13 views

CVE-2025-56234

ATNA2000 from Nanda Automation Technology vendor has a denial-of-service vulnerability. For the processing of TCP RST packets, PLC ATNA2000 has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be within...

AI score 6.9 | EPSS 0.00312
Exploits: 0 | References: 1
NVD
added 2025/09/29 5:15 p.m., 6 views

CVE-2025-56234

ATNA2000 from Nanda Automation Technology vendor has a denial-of-service vulnerability. For the processing of TCP RST packets, PLC ATNA2000 has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be within...

CVSS 7.5 | EPSS 0.00312
Exploits: 0 | References: 1
CVE
added 2025/09/29 12:0 a.m., 12 views

CVE-2025-56234

CVE-2025-56234 affects Nanda Automation Technology’s AT NA2000 PLC. The root cause is improper handling of TCP RST packets, accepting a broad range of sequence numbers within the receive window rather than requiring an exact match (RFC 5961). This enables an attacker to send numerous random TCP R...

CVSS 7.5 | AI score 6.5 | EPSS 0.00312
Exploits: 0 | References: 1
Cvelist
added 2025/09/29 12:0 a.m., 7 views

CVE-2025-56233

Openindiana, kernel SunOS 5.11 has a denial of service vulnerability. For the processing of TCP packets with RST or SYN flag set, Openindiana has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be with...

EPSS 0.00312
Exploits: 0 | References: 1
Positive Technologies
added 2025/09/29 12:0 a.m., 5 views

PT-2025-39844

Name of the Vulnerable Software and Affected Versions Openindiana, kernel SunOS 5.11 Description The software exhibits a denial of service condition due to improper handling of TCP packets. Specifically, when processing TCP packets with the RST or SYN flag set, the system accepts a wide range of...

CVSS 7.5 | AI score 6.4 | EPSS 0.00312
Exploits: 0 | References: 4
Positive Technologies
added 2025/09/29 12:0 a.m., 5 views

PT-2025-39838

Name of the Vulnerable Software and Affected Versions Nanda Automation Technology AT NA2000 affected versions not specified Description The AT NA2000 Programmable Logic Controller PLC exhibits a denial-of-service condition. The device improperly handles TCP RST packets, accepting a broad range of...

CVSS 7.5 | AI score 6.4 | EPSS 0.00312
Exploits: 0 | References: 4
CVE
added 2025/09/29 12:0 a.m., 12 views

CVE-2025-56233

CVE-2025-56233 affects Openindiana kernel SunOS 5.11. TCP processing of RST/SYN allows a wide range of sequence numbers within the receive window, breaking RFC 5961. This can enable an attacker to send multiple random RST/SYN packets and cause denial of service by disrupting legitimate connection...

CVSS 7.5 | AI score 6.3 | EPSS 0.00312
Exploits: 0 | References: 1
Vulnrichment
added 2025/09/29 12:0 a.m., 3 views

CVE-2025-56233

Openindiana, kernel SunOS 5.11 has a denial of service vulnerability. For the processing of TCP packets with RST or SYN flag set, Openindiana has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be with...

AI score 6.3 | EPSS 0.00312
Exploits: 0 | References: 1