41 matches found
SUSE CVE-2023-54176
In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...
CVE-2023-54176
Mode C: Concrete details present. CVE-2023-54176 affects the Linux kernel MPTCP path where mptcp_worker could run while the msk socket was in an unexpected state (connect/fastclose sequence leading to a partition crash). The fix implements a stricter state check in mptcp_worker by preventing exec...
CVE-2023-54176 mptcp: stricter state check in mptcp_worker
In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...
CVE-2025-68291 mptcp: Initialise rcv_mss before calling tcp_send_active_reset() in mptcp_do_fastclose().
In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialise rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported divide-by-zero in tcpselectwindow by MPTCP socket. 0 We had a similar issue for the bare TCP and fixed in commit 499350a5a6e7 "tcp:...
EUVD-2022-55216
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-4128
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user coul...
Linux Distros Unpatched Vulnerability : CVE-2022-50071
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up...
PT-2025-31087
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc3-gbd5ce2324dba Description The Linux kernel contained a flaw in the MPTCP protocol related to the atomicity of fallback actions and decisions. A Syzkaller report indicated a potential system crash splat...
CVE-2022-50071
In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...
CVE-2022-50071
The CVE-2022-50071 issue affects the Linux kernel’s MPTCP implementation. The vulnerability arises when socket creation fails due to a CGROUP_INET_SOCK_CREATE eBPF program, causing leakage of subflows because cleanup was not invoked in that code path. The fix moves subflow cleanup into the mptcp_...
CVE-2022-50071 mptcp: move subflow cleanup in mptcp_destroy_common()
In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...
UBUNTU-CVE-2022-49775
In the Linux kernel, the following vulnerability has been resolved: tcp: cdg: allow tcpcdgrelease to be called multiple times Apparently, mptcp is able to call tcpdisconnect on an already disconnected flow. This is generally fine, unless current congestion control is CDG, because it might trigger...
CVE-2022-49775
CVE-2022-49775 (Linux kernel) affects the tcp_cdg congestion control. The advisory notes that when MPTCP calls tcp_disconnect() on an already-disconnected flow under CDG, it may trigger a double-free in the SLAB allocator. The vulnerability arises from the ability to call tcp_cdg_release() multip...
PT-2025-18399
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel related to the MPTCP protocol. The issue occurs when the kernel panics in 'mptcp can accept new subflow' due to a NULL pointer...
Linux Distros Unpatched Vulnerability : CVE-2024-53123
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: error out earlier on disconnect Eric reported a division by zero splat in the MPTCP...
Linux Distros Unpatched Vulnerability : CVE-2024-36889
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure sndnxt is properly initialized on connect Christoph reported a splat hinting a...
Linux Distros Unpatched Vulnerability : CVE-2021-47152
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data stream corruption Maxim reported several issues when forcing a TCP transpare...
DEBIAN-CVE-2025-21705
In the Linux kernel, the following vulnerability has been resolved: mptcp: handle fastopen disconnect correctly Syzbot was able to trigger a data stream corruption: WARNING: CPU: 0 PID: 9846 at net/mptcp/protocol.c:1024 mptcpcleanuna+0xddb/0xff0 net/mptcp/protocol.c:1024 Modules linked in: CPU: 0...
CVE-2024-53123
In the Linux kernel, the following vulnerability has been resolved: mptcp: error out earlier on disconnect Eric reported a division by zero splat in the MPTCP protocol: Oops: divide error: 0000 1 PREEMPT SMP KASAN PTI CPU: 1 UID: 0 PID: 6094 Comm: syz-executor317 Not tainted...
CVE-2024-53123
In the Linux kernel, the following vulnerability has been resolved: mptcp: error out earlier on disconnect Eric reported a division by zero splat in the MPTCP protocol: Oops: divide error: 0000 1 PREEMPT SMP KASAN PTI CPU: 1 UID: 0 PID: 6094 Comm: syz-executor317 Not tainted...