Linux Kernel TCP SND_CWND Accessor Vulnerability

Vulnerability

A vulnerability in the Linux kernel's TCP implementation has been addressed by adding accessors to read and set the TCP send congestion window (snd_cwnd). This change was prompted by previous issues where the assumption that snd_cwnd was always greater than zero was violated. Recently, the syzbot tool reported a warning related to zero congestion window values, which could lead to significant debugging challenges. The new accessors aim to prevent snd_cwnd from being set to invalid values, thereby improving the robustness of TCP congestion control.

Impact

The vulnerability could lead to improper handling of TCP congestion control, potentially allowing for congestion window values to be incorrectly set or read, which could disrupt normal TCP flow control and performance.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.0

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel TCP SND_CWND Accessor Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating