Lucene search
K

283 matches found

NVD
NVD
added 2025/06/18 11:15 a.m.6 views

CVE-2022-50071

In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...

7.8CVSS0.00201EPSS
Exploits0References2
OSV
OSV
added 2025/06/18 11:15 a.m.7 views

AZL-70352 CVE-2022-50071 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...

7.8CVSS5.7AI score0.00201EPSS
Exploits0References1
OSV
OSV
added 2025/06/18 11:15 a.m.6 views

UBUNTU-CVE-2022-50071

In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...

7.8CVSS5.8AI score0.00201EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/18 11:2 a.m.8 views

CVE-2022-50071 mptcp: move subflow cleanup in mptcp_destroy_common()

In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...

0.00201EPSS
Exploits0References2
OSV
OSV
added 2025/06/18 11:2 a.m.6 views

CVE-2022-50071 mptcp: move subflow cleanup in mptcp_destroy_common()

In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...

7.8CVSS6.4AI score0.00201EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/06/18 11:2 a.m.5 views

CVE-2022-50071

In the Linux kernel, the following vulnerability has been resolved: mptcp: move subflow cleanup in mptcpdestroycommon If the mptcp socket creation fails due to a CGROUPINETSOCKCREATE eBPF program, the MPTCP protocol ends-up leaking all the subflows: the related cleanup happens in mptcpdestroysock...

7.8CVSS6.3AI score0.00201EPSS
Exploits0
CVE
CVE
added 2025/06/18 11:2 a.m.39 views

CVE-2022-50071

The CVE-2022-50071 issue affects the Linux kernel’s MPTCP implementation. The vulnerability arises when socket creation fails due to a CGROUP_INET_SOCK_CREATE eBPF program, causing leakage of subflows because cleanup was not invoked in that code path. The fix moves subflow cleanup into the mptcp_...

7.8CVSS6.5AI score0.00201EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a resource leak caused by MPTCP's failure to clean up a subflow when a socket creation fails...

7.8CVSS6.1AI score0.00201EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from MPTCP queuing data even after shutting down a subflow resulting in post-release reuse...

7.8CVSS5.9AI score0.00216EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed a NULL pointer in canacceptnewsubflow. When testing the valkey benchmark tool with MPTCP, the kernel panics in mptcpcanacceptnewsubflow because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

5.5CVSS6.1AI score0.00176EPSS
Exploits0References3
OSV
OSV
added 2025/05/23 7:28 a.m.7 views

SUSE-SU-2025:20344-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. - CVE-2024-35840: mptcp: use OPTIONMPTCPMPJSYNACK in...

7.8CVSS7.1AI score0.13036EPSS
Exploits0References248
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.3 views

kernel: mptcp: pm: only mark 'subflow' endp as available

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only mark 'subflow' endp as available Adding the following warning ... WARNONONCEmsk-pm.localaddrused == 0 ... before decrementing the localaddrused counter helped to find a bug when running the "remove single address"...

5.5CVSS6.5AI score0.0022EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.4 views

kernel: mptcp: pm: only decrement add_addr_accepted for MPJ req

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only decrement addaddraccepted for MPJ req Adding the following warning ... WARNONONCEmsk-pm.addaddraccepted == 0 ... before decrementing the addaddraccepted counter helped to find a bug when running the "remove single...

5.5CVSS6.5AI score0.00221EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/05/03 2:51 a.m.4 views

SUSE CVE-2023-53072

In the Linux kernel, the following vulnerability has been resolved: mptcp: use the workqueue to destroy unaccepted sockets Christoph reported a UaF at token lookup time after having refactored the passive socket initialization part: BUG: KASAN: use-after-free in tokenbucketbusy+0x253/0x260 Read o...

5.5CVSS6.9AI score0.00168EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/05/02 4:15 p.m.8 views

CVE-2023-53072

In the Linux kernel, the following vulnerability has been resolved: mptcp: use the workqueue to destroy unaccepted sockets Christoph reported a UaF at token lookup time after having refactored the passive socket initialization part: BUG: KASAN: use-after-free in tokenbucketbusy+0x253/0x260 Read o...

7.8CVSS6.1AI score0.00168EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2025/05/02 2:3 a.m.3 views

SUSE CVE-2025-23145

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

7.5CVSS6.3AI score0.00176EPSS
Exploits0References61
OSV
OSV
added 2025/05/01 1:15 p.m.1 views

DEBIAN-CVE-2025-23145

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

5.5CVSS5.6AI score0.00176EPSS
Exploits0References1
NVD
NVD
added 2025/05/01 1:15 p.m.13 views

CVE-2025-23145

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

5.5CVSS0.00176EPSS
Exploits0References10
OSV
OSV
added 2025/05/01 1:15 p.m.10 views

UBUNTU-CVE-2025-23145

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

5.5CVSS6.2AI score0.00176EPSS
Exploits0References40
Debian CVE
Debian CVE
added 2025/05/01 12:55 p.m.7 views

CVE-2025-23145

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer in canacceptnewsubflow When testing valkey benchmark tool with MPTCP, the kernel panics in 'mptcpcanacceptnewsubflow' because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

5.5CVSS5.6AI score0.00176EPSS
Exploits0
Rows per page
Query Builder