EUVD-2023-60465

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

CVE-2023-54176

Mode C: Concrete details present. CVE-2023-54176 affects the Linux kernel MPTCP path where mptcp_worker could run while the msk socket was in an unexpected state (connect/fastclose sequence leading to a partition crash). The fix implements a stricter state check in mptcp_worker by preventing exec...

CVE-2023-53490 mptcp: fix disconnect vs accept race

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix disconnect vs accept race Despite commit 0ad529d9fd2b "mptcp: fix possible divide by zero in recvmsg", the mptcp protocol is still prone to a race between disconnect or shutdown and accept. The root cause is that the...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a lockdep splat in the PM control path: WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sockownedbyme include/net/sock.h:1711 inline WARNING:...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed a NULL pointer in canacceptnewsubflow. When testing the valkey benchmark tool with MPTCP, the kernel panics in mptcpcanacceptnewsubflow because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

CVE-2023-53072

In the Linux kernel, the following vulnerability has been resolved: mptcp: use the workqueue to destroy unaccepted sockets Christoph reported a UaF at token lookup time after having refactored the passive socket initialization part: BUG: KASAN: use-after-free in tokenbucketbusy+0x253/0x260 Read o...

UBUNTU-CVE-2025-23145

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

CVE-2025-21875 mptcp: always handle address removal under msk socket lock

In the Linux kernel, the following vulnerability has been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a lockdep splat in the PM control path: WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sockownedbyme include/net/sock.h:1711 inline WARNING: CP...

CVE-2025-21875 mptcp: always handle address removal under msk socket lock

In the Linux kernel, the following vulnerability has been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a lockdep splat in the PM control path: WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sockownedbyme include/net/sock.h:1711 inline WARNING: CP...

CVE-2022-49018 mptcp: fix sleep in atomic at close time

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sleep in atomic at close time Matt reported a splat at msk close time: BUG: sleeping function called from invalid context at net/mptcp/protocol.c:2877 inatomic: 1, irqsdisabled: 0, nonblock: 0, pid: 155, name:...

kernel: mptcp: fix disconnect vs accept race

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix disconnect vs accept race Despite commit 0ad529d9fd2b "mptcp: fix possible divide by zero in recvmsg", the mptcp protocol is still prone to a race between disconnect or shutdown and accept. The root cause is that the...

CVE-2021-47132

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix skforwardmemory corruption on retransmission MPTCP skforwardmemory handling is a bit special, as such field is protected by the msk socket spinlock, instead of the plain socket lock. Currently we have a code path...

InsightCloudSec Supports 12 New AWS Services Announced at re:Invent

In case you didn’t hear, Amazon hosted AWS re:Invent in Las Vegas last week. As has come to be expected at the annual mega-event, Amazon made a number of huge announcements and launched a significant number of improvements and brand-new services and settings to enhance their public cloud platform...

portal.gisc-msk.wis.mecom.ru Cross Site Scripting vulnerability OBB-1467444

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

msk-stoma.ru Open Redirect vulnerability

Vulnerable URL: http://www.msk-stoma.ru/redirect.php?site=openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.11.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| N...

DLA-345-1 strongswan - security update

Bulletin has no description...

Unfixed XSS vulnerability at www.secic.fr

Security researcher Msk, has submitted on 10/01/2011 a cross-site-scripting XSS vulnerability affecting www.secic.fr, which at the time of submission ranked 2181450 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is currently...

Unfixed XSS vulnerability at www.jdt.fr

Security researcher Msk, has submitted on 08/01/2011 a cross-site-scripting XSS vulnerability affecting www.jdt.fr, which at the time of submission ranked 2252763 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/12/2011. It is currently...