Lucene search
K

7 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: Use OPTIONMPTCPMPJSYNACK in subflowfinishconnect subflowfinishconnect uses four fields backup, joinid, thmac, none that may contain garbage unless OPTIONMPTCPMPJSYNACK has been set in mptcpparseoption...

5.5CVSS6.1AI score0.00219EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/13 5:36 p.m.3 views

CVE-2025-40133

In the Linux kernel, the following vulnerability has been resolved: mptcp: Use skdstget and dstdevrcu in mptcpactiveenable. mptcpactiveenable is called from subflowfinishconnect, which is icsk-icskafops-skrxdstset and it's not always under RCU. Using skdstgetsk-dev could trigger UAF. Let's use...

7CVSS5.2AI score0.00194EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/11/21 12:0 a.m.5 views

The vulnerability of the mptcp component in Linux kernel, which allows a hacker to cause a service failure

The vulnerability of the mptcp component in the Linux operating system’s kernel is related to errors in resource management within the subflowfinishconnect function. Exploiting this vulnerability can allow a attacker to cause a service failure...

5.5CVSS6.2AI score0.00219EPSS
Exploits0References27Affected Software4
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.4 views

kernel: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()

CVE-2024-35840 is a vulnerability in the Linux kernel’s Multipath TCP MPTCP implementation. It occurs because the subflowfinishconnect function may handle uninitialized data in certain fields if a specific MPTCP option OPTIONMPTCPMPJSYNACK is not correctly set during option parsing. This could le...

5.5CVSS7.2AI score0.00219EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/05/21 1:59 a.m.3 views

SUSE CVE-2024-35840

In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconnect subflowfinishconnect uses four fields backup, joinid, thmac, none that may contain garbage unless OPTIONMPTCPMPJSYNACK has been set in mptcpparseoption...

5.5CVSS6.4AI score0.00219EPSS
Exploits0References22
OSV
OSV
added 2024/05/17 3:15 p.m.1 views

DEBIAN-CVE-2024-35840

In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconnect subflowfinishconnect uses four fields backup, joinid, thmac, none that may contain garbage unless OPTIONMPTCPMPJSYNACK has been set in mptcpparseoption...

5.5CVSS5.4AI score0.00219EPSS
Exploits0References1
OSV
OSV
added 2024/05/17 3:15 p.m.8 views

UBUNTU-CVE-2024-35840

In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconnect subflowfinishconnect uses four fields backup, joinid, thmac, none that may contain garbage unless OPTIONMPTCPMPJSYNACK has been set in mptcpparseoption...

5.5CVSS6AI score0.00219EPSS
Exploits0References16
Rows per page
Query Builder