4 matches found
Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-013403)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013403 advisory. In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: avoid possible UaF when selecting endp selectlocaladdress and selectsignaladdress both...
UBUNTU-CVE-2026-23321
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed to find a combination of actions that was generating this warning: msk-pm.localaddrused == 0 WARNING: net/mptcp/pmkernel.c:1071 at...
The vulnerabilities of the `select_local_address()` and `select_signal_address()` functions in the Linux kernel’s mptcp component allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the selectlocaladdress function in the mptcp component of the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
AZL-48657 CVE-2024-44974 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: avoid possible UaF when selecting endp selectlocaladdress and selectsignaladdress both select an endpoint entry from the list inside an RCU protected section, but return a reference to it, to be read later on. If the...