PT-2025-8788 · Linux+6 · Linux Kernel+6

Syzbot

·

Published

2025-01-27

·

Updated

2026-04-20

·

CVE-2025-21705

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for the mptcp fastopen disconnect issue
Description A vulnerability in the Linux kernel's mptcp protocol has been identified, where the handling of disconnect() generated internally by the MPTCP protocol in case of connect FASTOPEN errors is incorrect. This can lead to data stream corruption. The issue was triggered by Syzbot, causing a warning and a call trace. The root cause is the bad handling of disconnect() in case of FASTOPEN errors.
Recommendations For Linux kernel versions prior to the version that includes the fix for the mptcp fastopen disconnect issue, consider applying a patch that increases the socket disconnect counter even in cases of connect FASTOPEN errors, allowing other threads waiting on the same socket lock to properly error out. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2025-11951
CVE-2025-21705
DLA-4102-1
OESA-2025-1339
OESA-2025-1340
OPENSUSE-SU-2025_0847-1
OPENSUSE-SU-2025_0856-1
OPENSUSE-SU-2025_0955-1
SUSE-SU-2025:01919-1
SUSE-SU-2025:0847-1
SUSE-SU-2025:0856-1
SUSE-SU-2025:0955-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025_0847-1
SUSE-SU-2025_0856-1
SUSE-SU-2025_0955-1
USN-7521-1
USN-7521-2
USN-7521-3
USN-7651-1
USN-7651-2
USN-7651-3
USN-7651-4
USN-7651-5
USN-7651-6
USN-7652-1
USN-7653-1
USN-7737-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu