PT-2025-8788 · Linux+6 · Linux Kernel+6

Syzbot

·

Publicado

2025-01-27

·

Atualizado

2026-04-20

·

CVE-2025-21705

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for the mptcp fastopen disconnect issue
Description A vulnerability in the Linux kernel's mptcp protocol has been identified, where the handling of disconnect() generated internally by the MPTCP protocol in case of connect FASTOPEN errors is incorrect. This can lead to data stream corruption. The issue was triggered by Syzbot, causing a warning and a call trace. The root cause is the bad handling of disconnect() in case of FASTOPEN errors.
Recommendations For Linux kernel versions prior to the version that includes the fix for the mptcp fastopen disconnect issue, consider applying a patch that increases the socket disconnect counter even in cases of connect FASTOPEN errors, allowing other threads waiting on the same socket lock to properly error out. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

BDU:2025-11951
CVE-2025-21705
DLA-4102-1
OESA-2025-1339
OESA-2025-1340
OPENSUSE-SU-2025_0847-1
OPENSUSE-SU-2025_0856-1
OPENSUSE-SU-2025_0955-1
SUSE-SU-2025:01919-1
SUSE-SU-2025:0847-1
SUSE-SU-2025:0856-1
SUSE-SU-2025:0955-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025_0847-1
SUSE-SU-2025_0856-1
SUSE-SU-2025_0955-1
USN-7521-1
USN-7521-2
USN-7521-3
USN-7651-1
USN-7651-2
USN-7651-3
USN-7651-4
USN-7651-5
USN-7651-6
USN-7652-1
USN-7653-1
USN-7737-1

Produtos afetados

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu