DEBIAN-CVE-2026-31669

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...

Azure Linux 3.0 Security Update: kernel (CVE-2024-45010)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45010 advisory. - In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only mark 'subflow' endp as...

NewStart CGSL MAIN 7.02 : kernel Multiple Vulnerabilities (NS-SA-2025-0253)

The remote NewStart CGSL host, running version MAIN 7.02, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel, the following vulnerability has been resolved: rapidio: fix an API misues when rioaddnet fails rioaddnet calls deviceregister and fails whe...

CVE-2022-50071

In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...

CVE-2022-50071 mptcp: move subflow cleanup in mptcp_destroy_common()

In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...

SUSE-SU-2025:20344-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. - CVE-2024-35840: mptcp: use OPTIONMPTCPMPJSYNACK in...

CVE-2025-23145

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

UBUNTU-CVE-2025-23145

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

CVE-2025-23145 mptcp: fix NULL pointer in can_accept_new_subflow

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

CVE-2025-23145

CVE-2025-23145 affects the Linux kernel (MPTCP) and describes a NULL-pointer dereference in the mptcp_can_accept_new_subflow path. The root cause is that subflow_req->msk ownership could be transferred to a subflow on the first path, creating a window where a second SYN-ACK could be processed ...

The vulnerability of the mptcp_subflow_queue_clean() function in the net/mptcp/subflow.c module of the MPTCP protocol implementation in Linux kernel allows a attacker to cause a service failure.

The vulnerability of the mptcpsubflowqueueclean function in the net/mptcp/subflow.c module of the MPTCP protocol implementation in the Linux operating system is related to improper cleaning when handling exceptions. Exploiting this vulnerability can allow a attacker to cause service failures...

UBUNTU-CVE-2021-47242

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix soft lookup in subflowerrorreport Maxim reported a soft lookup in subflowerrorreport: watchdog: BUG: soft lockup - CPU0 stuck for 22s! swapper/0:0 RIP: 0010:nativequeuedspinlockslowpath RSP: 0018:ffffa859c0003bc0 EFLAG...

UBUNTU-CVE-2024-35894

In the Linux kernel, the following vulnerability has been resolved: mptcp: prevent BPF accessing lowat from a subflow socket. Alexei reported the following splat: WARNING: CPU: 32 PID: 3276 at net/mptcp/subflow.c:1430 subflowdataready+0x147/0x1c0 Modules linked in: dummy bpftestmodO last unloaded...

CVE-2024-26781 mptcp: fix possible deadlock in subflow diag

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible deadlock in subflow diag Syzbot and Eric reported a lockdep splat in the subflow diag: WARNING: possible circular locking dependency detected 6.8.0-rc4-syzkaller-00212-g40b9385dd8e6 0 Not tainted...

PT-2022-33417 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: The issue concerns the mptcp subflow cleanup in the mptcp destroy common function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...