CVE-2024-46711
Severity:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/09/2024
Last modified:
13/09/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
mptcp: pm: fix ID 0 endp usage after multiple re-creations<br />
<br />
&#39;local_addr_used&#39; and &#39;add_addr_accepted&#39; are decremented for addresses<br />
not related to the initial subflow (ID0), because the source and<br />
destination addresses of the initial subflows are known from the<br />
beginning: they don&#39;t count as "additional local address being used" or<br />
"ADD_ADDR being accepted".<br />
<br />
It is then required not to increment them when the entrypoint used by<br />
the initial subflow is removed and re-added during a connection. Without<br />
this modification, this entrypoint cannot be removed and re-added more<br />
than once.