cve/2024/CVE-2024-26708.md
2024-05-25 21:48:12 +02:00

918 B

CVE-2024-26708

Description

In the Linux kernel, the following vulnerability has been resolved:mptcp: really cope with fastopen raceFastopen and PM-trigger subflow shutdown can race, as reported bysyzkaller.In my first attempt to close such race, I missed the fact thatthe subflow status can change again before the subflow_state_changecallback is invoked.Address the issue additionally copying with all the states directlyreachable from TCP_FIN_WAIT1.

POC

Reference

No PoCs from references.

Github