5.5

CVE-2024-53122

mptcp: cope racing subflow creation in mptcp_rcv_space_adjust

In the Linux kernel, the following vulnerability has been resolved:

mptcp: cope racing subflow creation in mptcp_rcv_space_adjust

Additional active subflows - i.e. created by the in kernel path
manager - are included into the subflow list before starting the
3whs.

A racing recvmsg() spooling data received on an already established
subflow would unconditionally call tcp_cleanup_rbuf() on all the
current subflows, potentially hitting a divide by zero error on
the newly created ones.

Explicitly check that the subflow is in a suitable state before
invoking tcp_cleanup_rbuf().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.10 < 6.1.119
LinuxLinux Kernel Version >= 6.2 < 6.6.63
LinuxLinux Kernel Version >= 6.7 < 6.11.10
LinuxLinux Kernel Version6.12 Updaterc1
LinuxLinux Kernel Version6.12 Updaterc2
LinuxLinux Kernel Version6.12 Updaterc3
LinuxLinux Kernel Version6.12 Updaterc4
LinuxLinux Kernel Version6.12 Updaterc5
LinuxLinux Kernel Version6.12 Updaterc6
LinuxLinux Kernel Version6.12 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.2% 0.099
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

https://git.kernel.org/stable/c/0a9a182ea5c7bb0374e527130fd85024ace7279b
https://git.kernel.org/stable/c/24995851d58c4a205ad0ffa7b2f21e479a9c8527
Patch
https://git.kernel.org/stable/c/aad6412c63baa39dd813e81f16a14d976b3de2e8
Patch
https://git.kernel.org/stable/c/ce7356ae35943cc6494cc692e62d51a734062b7d
Patch
https://git.kernel.org/stable/c/ff825ab2f455299c0c7287550915a8878e2a66e0
Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html