CVE-2024-46711

Published: Sep 13, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix ID 0 endp usage after multiple re-creations 'local_addr_used' and 'add_addr_accepted' are decremented for addresses not related to the initial subflow (ID0), because the source and destination addresses of the initial subflows are known from the beginning: they don't count as "additional local address being used" or "ADD_ADDR being accepted". It is then required not to increment them when the entrypoint used by the initial subflow is removed and re-added during a connection. Without this modification, this entrypoint cannot be removed and re-added more than once.

Vendor	Product	Versions
Linux	Linux	affected `3ad14f54bd7448384458e69f0183843f683ecce8 - < c9c744666f7308a4daba520191e29d395260bcfe` affected `3ad14f54bd7448384458e69f0183843f683ecce8 - < 53e2173172d26c0617b29dd83618b71664bed1fb` affected `3ad14f54bd7448384458e69f0183843f683ecce8 - < 119806ae4e46cf239db8e6ad92bc2fd3daae86dc` affected `3ad14f54bd7448384458e69f0183843f683ecce8 - < 9366922adc6a71378ca01f898c41be295309f044`
Linux	Linux	affected `6.0` unaffected `0 - < 6.0` unaffected `6.1.109 - <= 6.1.` unaffected `6.6.49 - <= 6.6.` unaffected `6.10.8 - <= 6.10.*` +1 more versions

References

https://git.kernel.org/stable/c/c9c744666f7308a4daba520191e29d395260bcfe

https://git.kernel.org/stable/c/53e2173172d26c0617b29dd83618b71664bed1fb

https://git.kernel.org/stable/c/119806ae4e46cf239db8e6ad92bc2fd3daae86dc

https://git.kernel.org/stable/c/9366922adc6a71378ca01f898c41be295309f044

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-46711

Description

Affected Products

References