Primary

Context

Linux Kernel MPTCP Use-After-Free Vulnerability in Active Enable Function

Vulnerability

Patched

A use-after-free vulnerability has been addressed in the Linux kernel's Multipath TCP (MPTCP) implementation. The issue arose in the 'mptcp_active_enable()' function, which is invoked by 'subflow_finish_connect()'. This function was not always executed under Read-Copy Update (RCU) protection, leading to the potential for a use-after-free condition when accessing the socket's destination device. The vulnerability has been fixed by modifying the function to use RCU-safe versions of the destination retrieval functions.

Impact

Exploitation of this vulnerability could lead to a use-after-free condition, potentially allowing for memory corruption or arbitrary code execution.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the patched version are available on the Linux Kernel Archive.

Added: Nov 12, 2025, 11:58 AM

Updated: Nov 12, 2025, 5:33 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

1.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

1.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel MPTCP Use-After-Free Vulnerability in Active Enable Function

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating