CVE-2021-47132

Published: Mar 15, 2024

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sk_forward_memory corruption on retransmission MPTCP sk_forward_memory handling is a bit special, as such field is protected by the msk socket spin_lock, instead of the plain socket lock. Currently we have a code path updating such field without handling the relevant lock: __mptcp_retrans() -> __mptcp_clean_una_wakeup() Several helpers in __mptcp_clean_una_wakeup() will update sk_forward_alloc, possibly causing such field corruption, as reported by Matthieu. Address the issue providing and using a new variant of blamed function which explicitly acquires the msk spin lock.

Vendor	Product	Versions
Linux	Linux	affected `64b9cea7a0afe579dd2682f1f1c04f2e4e72fd25 - < b9c78b1a95966a7bd2ddae05b73eafc0cda4fba3` affected `64b9cea7a0afe579dd2682f1f1c04f2e4e72fd25 - < b5941f066b4ca331db225a976dae1d6ca8cf0ae3` affected `96db8ffef07516a6d7414b6988f2a4298a839977` affected `5.11.4 - < 5.12`
Linux	Linux	affected `5.12` unaffected `0 - < 5.12` unaffected `5.12.10 - <= 5.12.` unaffected `5.13 - <= `

References

https://git.kernel.org/stable/c/b9c78b1a95966a7bd2ddae05b73eafc0cda4fba3

https://git.kernel.org/stable/c/b5941f066b4ca331db225a976dae1d6ca8cf0ae3

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-47132

Description

Affected Products

References