We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-46711

mptcp: pm: fix ID 0 endp usage after multiple re-creations



Description

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix ID 0 endp usage after multiple re-creations 'local_addr_used' and 'add_addr_accepted' are decremented for addresses not related to the initial subflow (ID0), because the source and destination addresses of the initial subflows are known from the beginning: they don't count as "additional local address being used" or "ADD_ADDR being accepted". It is then required not to increment them when the entrypoint used by the initial subflow is removed and re-added during a connection. Without this modification, this entrypoint cannot be removed and re-added more than once.

Reserved 2024-09-11 | Published 2024-09-13 | Updated 2024-11-05 | Assigner Linux

Product status

Default status
unaffected

3ad14f54bd74 before c9c744666f73
affected

3ad14f54bd74 before 53e2173172d2
affected

3ad14f54bd74 before 119806ae4e46
affected

3ad14f54bd74 before 9366922adc6a
affected

Default status
affected

6.0
affected

Any version before 6.0
unaffected

6.1.109
unaffected

6.6.49
unaffected

6.10.8
unaffected

6.11
unaffected

References

git.kernel.org/...c/c9c744666f7308a4daba520191e29d395260bcfe

git.kernel.org/...c/53e2173172d26c0617b29dd83618b71664bed1fb

git.kernel.org/...c/119806ae4e46cf239db8e6ad92bc2fd3daae86dc

git.kernel.org/...c/9366922adc6a71378ca01f898c41be295309f044

cve.org (CVE-2024-46711)

nvd.nist.gov (CVE-2024-46711)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-46711

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.