Divide-by-Zero Vulnerability in Linux Kernel Affecting MultiPath TCP Functionality
CVE-2025-68291

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 December 2025

What is CVE-2025-68291?

A divide-by-zero vulnerability has been identified in the MultiPath TCP (MPTCP) implementation of the Linux kernel, which could lead to unexpected behavior during the fast close operation, specifically in the function mptcp_do_fastclose(). A report by syzbot indicated an occurrence of the issue during execution, necessitating the initialization of the rcv_mss variable to a safe minimum value before being utilized in the tcp_send_active_reset() call. This fix aims to enhance the stability and security of MPTCP operations, ensuring reliable performance and mitigating the risk of crashes.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 9ea05fabce31ff93a0adae8221c58bc6d7b832f3 < 46b8b58f93f1b383c3840fc6e8fab6c3bce9295f

Linux 3a13454fd098ed51e733958488f8ec62859a9ed8

Linux f6fb2cbc91a81178dea23d463503b4525a76825d < 05f5e26d488cdc7abc2a826cf1071782d5a21203

References

https://git.kernel.org/stable/c/46b8b58f93f1b383c3840fc6e...
https://git.kernel.org/stable/c/eee39f83246a81d970a9ecb73...
https://git.kernel.org/stable/c/05f5e26d488cdc7abc2a826cf...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.