Primary

Context

Linux Kernel MPTCP Subflow IPv6 Request Destructor Vulnerability

Vulnerability

Patched

A vulnerability in the Linux kernel's Multipath TCP (MPTCP) implementation has been addressed. Previously, the TCP request socket destructor for IPv4 was used, even when the subflow was IPv6. This oversight could lead to memory leaks, particularly with certain advanced IPv6 features that involve specific IPv6 options. The vulnerability has been fixed by ensuring the correct destructor is applied for IPv6 subflows.

Impact

The vulnerability could cause memory leaks in the MPTCP implementation, particularly when handling advanced IPv6 features.

Remediation

Users can upgrade to the latest version of the Linux kernel to address this vulnerability. The specific commit that resolves the issue is available in the Linux kernel stable tree.

Added: Dec 24, 2025, 4:37 PM

Updated: Dec 24, 2025, 4:37 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

1.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

1.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel MPTCP Subflow IPv6 Request Destructor Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating