We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-50185

mptcp: handle consistently DSS corruption



Description

In the Linux kernel, the following vulnerability has been resolved: mptcp: handle consistently DSS corruption Bugged peer implementation can send corrupted DSS options, consistently hitting a few warning in the data path. Use DEBUG_NET assertions, to avoid the splat on some builds and handle consistently the error, dumping related MIBs and performing fallback and/or reset according to the subflow type.

Reserved 2024-10-21 | Published 2024-11-08 | Updated 2024-11-19 | Assigner Linux

Product status

Default status
unaffected

6771bfd9ee24 before fde99e972b8f
affected

6771bfd9ee24 before 12c1676d598e
affected

6771bfd9ee24 before 35668f8ec84f
affected

6771bfd9ee24 before b8be15d1ae7e
affected

6771bfd9ee24 before 8bfd391bde68
affected

6771bfd9ee24 before e32d262c89e2
affected

Default status
affected

5.7
affected

Any version before 5.7
unaffected

5.10.228
unaffected

5.15.169
unaffected

6.1.113
unaffected

6.6.57
unaffected

6.11.4
unaffected

6.12
unaffected

References

git.kernel.org/...c/fde99e972b8f88cebe619241d7aa43d288ef666a

git.kernel.org/...c/12c1676d598e3b8dd92a033b623b792cc2ea1ec5

git.kernel.org/...c/35668f8ec84f6c944676e48ecc6bbc5fc8e6fe25

git.kernel.org/...c/b8be15d1ae7ea4eedd547c3b3141f592fbddcd30

git.kernel.org/...c/8bfd391bde685df7289b928ce8876a3583be4bfb

git.kernel.org/...c/e32d262c89e2b22cb0640223f953b548617ed8a6

cve.org (CVE-2024-50185)

nvd.nist.gov (CVE-2024-50185)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-50185

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.