23 matches found
EUVD-2026-39274
In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and it's right edge should not move backward. Such constraint is enforced at DSS option generation...
CVE-2025-71144 mptcp: ensure context reset on disconnect()
In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure context reset on disconnect After the blamed commit below, if the MPC subflow is already in TCPCLOSE status or has fallback to TCP at mptcpdisconnect time, mptcpdofastclose skips setting the sendfastclose flag and t...
CVE-2023-54085
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer dereference on fastopen early fallback In case of early fallback to TCP, subflowsynrecvsock deletes the subflow context before returning the newly allocated sock to the caller. The fastopen path does not...
CVE-2025-48008
When a TCP profile with Multipath TCP MPTCP enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS ar...
CVE-2025-48008 BIG-IP MPTCP vulnerability
When a TCP profile with Multipath TCP MPTCP enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS ar...
F5 BIG-IP 资源管理错误漏洞
F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. A resource management error vulnerability exists in the F5 BIG-IP, which stems from the fact that MPTCP-enabled TCP configurations can cause T...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-383713)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-383713 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: fix mptcp DSS corruption due to large pmtu xmit Syzkaller was able to trigger a DSS...
SUSE-SU-2025:20342-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_5
This update for kernel-livepatch-MICRO-6-0-RTUpdate5 fixes the following issues: - CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916...
mptcp: fix TCP options overflow.
...
The vulnerability of the mptcp component in Linux kernel, which allows a hacker to cause a service failure
The vulnerability of the mptcp component in Linux operating systems is related to incorrect calculations. Exploiting this vulnerability can allow an attacker to cause a service failure...
AZL-55851 CVE-2024-57882 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix TCP options overflow. Syzbot reported the following splat: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 1 PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range...
kernel: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust
A divide by zero flaw was found in the Linux kernel's Multipath TCP MPTCP. This issue could allow a remote user to crash the system...
AZL-54209 CVE-2024-53122 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcprcvspaceadjust Additional active subflows - i.e. created by the in kernel path manager - are included into the subflow list before starting the 3whs. A racing recvmsg spooling data...
USN-6950-1 linux, linux-aws, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and...
kernel: mptcp: fix data re-injection from stale subflow
A flaw was found in the Linux kernel. A logical error in the Multipath TCP packet manager causes some packets intended for retransmission to be lost, resulting in a potential denial of service...
DEBIAN-CVE-2021-47591
In the Linux kernel, the following vulnerability has been resolved: mptcp: remove tcp ulp setsockopt support TCPULP setsockopt cannot be used for mptcp because its already used internally to plumb subflow tcp sockets to the mptcp layer. syzbot managed to trigger a crash for mptcp connections that...
UBUNTU-CVE-2021-47591
In the Linux kernel, the following vulnerability has been resolved: mptcp: remove tcp ulp setsockopt support TCPULP setsockopt cannot be used for mptcp because its already used internally to plumb subflow tcp sockets to the mptcp layer. syzbot managed to trigger a crash for mptcp connections that...
UBUNTU-CVE-2021-47244
In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix out of bounds when parsing TCP options The TCP option parser in mptcp mptcpgetoptions could read one byte out of bounds. When the length is 1, the execution flow gets into the loop, reads one byte of the opcode, and if...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from bpf allowing access to protoops at the mptcp level from a tcp substream range...
SUSE CVE-2024-26708
In the Linux kernel, the following vulnerability has been resolved: mptcp: really cope with fastopen race Fastopen and PM-trigger subflow shutdown can race, as reported by syzkaller. In my first attempt to close such race, I missed the fact that the subflow status can change again before the...