Linux Kernel Vulnerability in MPTCP Path Manager Affecting Multiple Versions
CVE-2025-21706

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
27 February 2025

What is CVE-2025-21706?

A vulnerability in the Linux kernel related to the MultiPath TCP (MPTCP) implementation allows an incorrect setting of the 'fullmesh' flag on endpoints not intended for this allocation. This can lead to unexpected overrides in the endpoint linking process, which may impact the stability and functionality of ongoing connections. This flaw stems from permissive behavior in the set_flags() function, which potentially exposes 'implicit' endpoints to the 'fullmesh' setting, allowing suboptimal routing of data. Proper validation should be implemented to bolster endpoint management and prevent erroneous configuration.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 73c762c1f07dacba4fd1cefd15e24b419d42320d < 22b0734c9401a74ed4ebd9e8ef0da33e493852eb

Linux 73c762c1f07dacba4fd1cefd15e24b419d42320d

Linux 73c762c1f07dacba4fd1cefd15e24b419d42320d < 8ac344cbd84fda75e05e1f445f7f8fb24dc175e1

References

https://git.kernel.org/stable/c/22b0734c9401a74ed4ebd9e8e...
https://git.kernel.org/stable/c/de3b8d41d2547452c4cafb146...
https://git.kernel.org/stable/c/8ac344cbd84fda75e05e1f445...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.