4.7
CVE-2024-46711
- EPSS 0.03%
- Published 13.09.2024 07:15:05
- Last modified 03.11.2025 23:15:55
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Open
LoginIn the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix ID 0 endp usage after multiple re-creations 'local_addr_used' and 'add_addr_accepted' are decremented for addresses not related to the initial subflow (ID0), because the source and destination addresses of the initial subflows are known from the beginning: they don't count as "additional local address being used" or "ADD_ADDR being accepted". It is then required not to increment them when the entrypoint used by the initial subflow is removed and re-added during a connection. Without this modification, this entrypoint cannot be removed and re-added more than once.
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.0 < 6.1.109
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.49
Linux ≫ Linux Kernel Version >= 6.7 < 6.10.8
Linux ≫ Linux Kernel Version6.11 Updaterc1
Linux ≫ Linux Kernel Version6.11 Updaterc2
Linux ≫ Linux Kernel Version6.11 Updaterc3
Linux ≫ Linux Kernel Version6.11 Updaterc4
Linux ≫ Linux Kernel Version6.11 Updaterc5
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.055 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.7 | 1 | 3.6 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
|