30 matches found
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: mptcp: error out earlier on disconnect Eric reported a division by zero error in the MPTCP protocol: Oops: divide error: 0000 1 PREEMPT SMP KASAN PTI CPU: 1 UID: 0 PID: 6094 Comm: syz-executor317 Not tainted...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: mptcp: pm: fixed the UaF read in mptcppmnlrmaddrorsubflow Syzkaller reported this issue as follows: ================================================================== BUG: KASAN: slab-use-after-free in...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix 'scheduling while atomic' in mptcppmnlappendnewlocaladdr If multiple connection requests attempt to create an implicit mptcp endpoint in parallel, more than one caller may end up in mptcppmnlappendnewlocaladdr because...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010947)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010947 advisory. In the Linux kernel, the following vulnerability has been resolved: mptcp: use proper req destructor for IPv6 Before, only the destructor from TCP request sock in IP...
MiracleLinux 9 : kernel-5.14.0-503.21.1.el9_5 (AXSA:2025-9568:07)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9568:07 advisory. kernel: perf/aux: Fix AUX buffer serialization CVE-2024-46713 kernel: RDMA/bnxtre: Fix a bug while setting up Level-2 PBL pages CVE-2024-50208 kerne...
EUVD-2023-60360
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer dereference on fastopen early fallback In case of early fallback to TCP, subflowsynrecvsock deletes the subflow context before returning the newly allocated sock to the caller. The fastopen path does not...
mptcp: Fix proto fallback detection with BPF
...
CVE-2025-68291
The CVE-2025-68291 issue affects the Linux kernel MPTCP path: in mptcp_do_fastclose(), rcv_mss was not initialised before triggering tcp_send_active_reset(), leading to a divide-by-zero in __tcp_select_window() for MPTCP sockets. The fix mirrors a prior bare-TCP patch by initialising rcv_mss (to ...
PT-2025-51695
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a flaw within the MPTCP implementation. Specifically, the rcv mss was not initialized before being used in the tcp send active reset function within mptcp do...
CVE-2023-53490
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix disconnect vs accept race Despite commit 0ad529d9fd2b "mptcp: fix possible divide by zero in recvmsg", the mptcp protocol is still prone to a race between disconnect or shutdown and accept. The root cause is that the...
USN-7766-1 linux-aws-6.8, linux-gcp-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...
Linux Distros Unpatched Vulnerability : CVE-2025-38491
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: make fallback action and fallback decision atomic Syzkaller reported the following splat: WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223...
SUSE CVE-2025-38491
In the Linux kernel, the following vulnerability has been resolved: mptcp: make fallback action and fallback decision atomic Syzkaller reported the following splat: WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcpdofallback net/mptcp/protocol.h:1223 inline WARNING: CPU: 1 PID: 7704 at...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a UaF problem in mptcp when destroying an unaccepted socket...
SUSE-SU-2025:20284-1 Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: - CVE-2024-56600: net: inet6: Fixed dangling sk pointer in inet6create bsc1235218. - CVE-2024-57882: mptcp: Fixed TCP options overflow bsc1235916...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from mptcp handling fastopen disconnects incorrectly...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mptcp pm setting fullmesh only for subflow endpoints...
DEBIAN-CVE-2022-49669
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race on unaccepted mptcp sockets When the listener socket owning the relevant request is closed, it frees the unaccepted subflows and that causes later deletion of the paired MPTCP sockets. The mptcp socket's worker ca...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a contention condition in mptcp that does not accept sockets...
mptcp: error out earlier on disconnect
...