Maxim Galaganov

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a soft lookup in the `subflow error report()` function of the Linux kernel's mptcp component. This can cause a soft lockup when the function tries to acquire the `mptcp data lock` from different contexts, such as plain ssk socket lock, ssk socket lock + `mptcp data lock`, or ssk socket lock + `mptcp data lock` + msk socket lock. The problem is addressed by moving the error reporting call to outer functions where the held locks list is known, allowing only the necessary locks to be acquired. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to the MPTCP protocol in the Linux kernel, where the `mptcp frag can collapse to()` function assumes that only MPTCP will use the given page frag. However, if other protocols, such as plain TCP, allocate page fragments, it can lead to re-using already allocated memory for `mptcp data frag`. This can cause data stream corruption when forcing a TCP transparent proxy to use the MPTCP protocol for inbound connections. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.