Lucene search
K

8 matches found

RedHat Linux
RedHat Linux
added 2026/02/09 9:51 a.m.5 views

kernel: mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable()

A use-after-free flaw was found in Multipath TCP in the Linux kernel in net/mptcp/ctrl.c:mptcpactiveenablecode due to concurrency problem. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...

5.8AI score0.00172EPSS
Exploits0References5
OSV
OSV
added 2026/02/09 12:0 a.m.9 views

ALSA-2026:2282 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation CVE-2025-38415 kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it...

7.8CVSS5.8AI score0.00181EPSS
Exploits0References18
RedHat Linux
RedHat Linux
added 2026/02/02 3:41 p.m.3 views

kernel: mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable()

A use-after-free flaw was found in Multipath TCP in the Linux kernel in net/mptcp/ctrl.c:mptcpactiveenablecode due to concurrency problem. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...

5.8AI score0.00172EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/11/14 12:25 a.m.1 views

SUSE CVE-2025-40133

In the Linux kernel, the following vulnerability has been resolved: mptcp: Use skdstget and dstdevrcu in mptcpactiveenable. mptcpactiveenable is called from subflowfinishconnect, which is icsk-icskafops-skrxdstset and it's not always under RCU. Using skdstgetsk-dev could trigger UAF. Let's use...

6.5CVSS6.5AI score0.00172EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/11/13 5:36 p.m.3 views

CVE-2025-40133

In the Linux kernel, the following vulnerability has been resolved: mptcp: Use skdstget and dstdevrcu in mptcpactiveenable. mptcpactiveenable is called from subflowfinishconnect, which is icsk-icskafops-skrxdstset and it's not always under RCU. Using skdstgetsk-dev could trigger UAF. Let's use...

7CVSS5.2AI score0.00172EPSS
Exploits0References4
NVD
NVD
added 2025/11/12 11:15 a.m.4 views

CVE-2025-40133

In the Linux kernel, the following vulnerability has been resolved: mptcp: Use skdstget and dstdevrcu in mptcpactiveenable. mptcpactiveenable is called from subflowfinishconnect, which is icsk-icskafops-skrxdstset and it's not always under RCU. Using skdstgetsk-dev could trigger UAF. Let's use...

0.00172EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/12 10:23 a.m.7 views

CVE-2025-40133 mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable().

In the Linux kernel, the following vulnerability has been resolved: mptcp: Use skdstget and dstdevrcu in mptcpactiveenable. mptcpactiveenable is called from subflowfinishconnect, which is icsk-icskafops-skrxdstset and it's not always under RCU. Using skdstgetsk-dev could trigger UAF. Let's use...

0.00172EPSS
Exploits0References3
CVE
CVE
added 2025/11/12 10:23 a.m.15 views

CVE-2025-40133

CVE-2025-40133 affects the Linux kernel: the mptcpActiveEnable path may trigger a use-after-free by dereferencing the destination device with sk_dst_get() from subflow_finish_connect(). The fix, as described in the advisory, is to switch to __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable(...

5.9AI score0.00172EPSS
Exploits0References3
Rows per page
Query Builder