CVE-2024-40931
Published: Jul 12, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure snd_una is properly initialized on connect This is strictly related to commit fb7a0d334894 ("mptcp: ensure snd_nxt is properly initialized on connect"). It turns out that syzkaller can trigger the retransmit after fallback and before processing any other incoming packet - so that snd_una is still left uninitialized. Address the issue explicitly initializing snd_una together with snd_nxt and write_seq.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 8fd738049ac3d67a937d36577763b47180aae1ad - < 208cd22ef5e57f82d38ec11c1a1703f9401d6ddeaffected 8fd738049ac3d67a937d36577763b47180aae1ad - < 7b9c7fc8600b64a86e4b47b2d190bba380267726affected 8fd738049ac3d67a937d36577763b47180aae1ad - < f03c46eabb3a67bd2993e237ab5517f00a5f1813affected 8fd738049ac3d67a937d36577763b47180aae1ad - < f1f0a46f8bb8890b90ab7194f0a0c8fe2a3fb57faffected 8fd738049ac3d67a937d36577763b47180aae1ad - < ef473bf1dd7e8dd08bcc04b9e2d1bfed69a0a7ce+1 more versions |
Linux | Linux | affected 5.9unaffected 0 - < 5.9unaffected 5.10.221 - <= 5.10.*unaffected 5.15.162 - <= 5.15.*unaffected 6.1.95 - <= 6.1.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now