PT-2024-7713 · Linux+9 · Linux Kernel+9

Published

2024-02-01

·

Updated

2025-09-29

·

CVE-2024-26826

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the MPTCP (Multipath TCP) component in the Linux kernel. When the MPTCP PM detects that a subflow is stale, the packet scheduler must re-inject all the mptcp-level unacked data. However, the check for unacked data in the RTX queue is currently broken, as it uses a TCP-specific helper on an MPTCP socket. This issue was exposed by a recent unrelated TCP change, which reorganized the tcp sock fast path variables. The problem can be fixed by dropping the bogus call, as the code is on a slow path and the early optimization proved to be flawed.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

ALSA-2024:4211
ALSA-2024:4352
ALSA-2024:8617
ALSA-2025_16880
BDU:2024-09173
CESA-2024_4211
CESA-2024_4352
CVE-2024-26826
INFSA-2024_4211
INFSA-2024_4352
INFSA-2024_8617
RHSA-2024:4211
RHSA-2024:4352
RHSA-2024:5065
RHSA-2024:6993
RHSA-2024:8613
RHSA-2024:8614
RHSA-2024:8617
RHSA-2024_4211
RHSA-2024_4352
RHSA-2024_8617
RLSA-2024:4211
RLSA-2024:4352
RLSA-2024:8617
RXSA-2024:4211
SUSE-SU-2024:2802-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6766-1
USN-6766-2
USN-6766-3
USN-6795-1
USN-6828-1
USN-6895-1
USN-6895-2
USN-6895-3
USN-6895-4
USN-6900-1

Affected Products

Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu