Lucene search
K

4 matches found

NVD
NVD
added 2026/05/27 2:17 p.m.12 views

CVE-2026-45889

In the Linux kernel, the following vulnerability has been resolved: mptcp: do not account for OoO in mptcprcvbufgrow MPTCP-level OoOs are physiological when multiple subflows are active concurrently and will not cause retransmissions nor are caused by drops. Accounting for them in mptcprcvbufgrow...

5.5CVSS0.00153EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 2:17 p.m.8 views

UBUNTU-CVE-2026-45889

In the Linux kernel, the following vulnerability has been resolved: mptcp: do not account for OoO in mptcprcvbufgrow MPTCP-level OoOs are physiological when multiple subflows are active concurrently and will not cause retransmissions nor are caused by drops. Accounting for them in mptcprcvbufgrow...

5.7CVSS5.7AI score0.00153EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 12:17 p.m.16 views

CVE-2026-45889

Summary: CVE-2026-45889 affects the Linux kernel’s Multipath TCP (MPTCP). The root cause is incorrect accounting for Out-of-Order (OoO) data in mptcp_rcvbuf_grow(), causing the MPTCP receive buffer to drift toward tcp_rmem[2]. The vulnerability is linked to a subtle race during rcvspace initializ...

5.5CVSS5.8AI score0.00153EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/27 12:17 p.m.40 views

CVE-2026-45889 mptcp: do not account for OoO in mptcp_rcvbuf_grow()

In the Linux kernel, the following vulnerability has been resolved: mptcp: do not account for OoO in mptcprcvbufgrow MPTCP-level OoOs are physiological when multiple subflows are active concurrently and will not cause retransmissions nor are caused by drops. Accounting for them in mptcprcvbufgrow...

0.00153EPSS
Exploits0References3
Rows per page
Query Builder