PT-2026-2905 · Linux+2 · Linux Kernel+2

Published

2025-01-01

Updated

2026-06-16

CVE-2025-71144

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc7-05427-g11fc074f6c36

Description The Linux kernel contains a flaw within the MPTCP implementation related to handling subflow context during disconnection. Specifically, if an MPTCP subflow is already in a TCP CLOSE state or has fallen back to TCP at the time of disconnection, the send fastclose flag may not be correctly set. This can lead to a failure to reset the subflow context, potentially causing issues with subsequent connections, including warnings in subflow data ready(). The issue arises from an incorrect handling of the fastclosing flag and its subsequent check after mptcp do fastclose().

Recommendations Update to Linux kernel version 6.18.0-rc7-05427-g11fc074f6c36 or a later version that addresses this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2025-71144

ECHO-47F3-9088-8B24

MGASA-2026-0017

MGASA-2026-0018

USN-8179-1

USN-8179-2

USN-8179-3

USN-8179-4

USN-8184-1

USN-8185-1

USN-8185-2

USN-8203-1

USN-8204-1

USN-8258-1

USN-8260-1

USN-8265-1

USN-8277-1

USN-8277-2

USN-8310-1

USN-8374-1

USN-8440-1

Affected Products

Linuxmint

Linux Kernel

Ubuntu

PT-2026-2905 · Linux+2 · Linux Kernel+2

CVE-2025-71144

Related Identifiers

Affected Products

References · 470